Qlik - Waltham, MA
posted 2 months ago
The Application Security Engineer / Penetration Tester position at Qlik is designed for experienced penetration testers with a strong background in software engineering. In this role, you will be an integral part of our Security team, responsible for independently planning, executing, and thoroughly documenting penetration tests in accordance with industry best practices. Your expertise will be crucial in delivering the status of features and products, ensuring that security is prioritized throughout the development process. You will have the autonomy to identify vulnerabilities and provide effective solutions, making a significant impact on the overall security posture of our applications. As a champion of security best practices, you will inspire and promote software security guidelines, contributing to a culture of security awareness within the organization.

Collaboration is key in this role, as you will work closely with stakeholders to assist in the design, development, and testing of features, ensuring that security considerations are at the forefront. Additionally, you will be responsible for producing comprehensive threat models for proposed features, offering valuable insights and suggesting defensive countermeasures to mitigate potential risks.

Your contributions will include resolving vulnerabilities by working with third parties to replicate reported security issues and collaborating with R&D teams to develop and implement effective fixes. You will also verify results from automated vulnerability assessment tools, ensuring accurate identification of vulnerabilities while minimizing false positives. Manual penetration testing will be a significant part of your responsibilities, utilizing both manual methods and automated tools to conduct thorough security evaluations. Furthermore, you will play a vital role in coaching and training developers on best security practices, creating and delivering engaging training content as needed.