CLEAR - Corporateposted 2 days ago
$170,000 - $215,000/Yr
Full-time - Senior
NY
About the position
We are looking for a Senior Application Security Engineer to join our growing team. As a Senior Application Security Engineer, you will have the opportunity to take your penetration and overall application security testing to the next level. Our team performs everything from biometric and Web security testing to remediation, as well as creating automated security products, enabling stakeholders across CLEAR to deliver secure software.
Responsibilities
- Partner with the company’s Product, Software Engineering, DevOps, and IT teams
- Perform security risk assessments, manual penetration security testing, automate security testing, threat modeling, and develop/conduct education on secure coding
- Deliver security products and consult with DevOps, as part of a high-profile security team, supporting automated security testing as part of CLEAR’s next generation CI/CD pipelines
- Lead internal and external penetration tests across CLEAR’s most critical assets, as well as triage issues with internal stakeholders for remediation
- Develop functional and non-functional security requirements
- Conduct security assessments, code reviews, and penetration tests to identify vulnerabilities in applications and software
- Implement and manage security tools, including SAST, DAST, SCA, and other security automation frameworks
Requirements
- Minimum of 5 years of experience in software development and implementing security into SDLC processes
- Minimum 2 years relevant architecture experience with expert level knowledge of application systems design and integration
- Comprehensive knowledge, experience, & understanding of testing for the OWASP Top 10 or CWE Top 25, including PoCs, automating attacks, and secure code remediation
- Excellent interpersonal communication skills. Can explain very technical topics to all audiences and break down vulnerabilities to both developers and leadership
- Strong understanding of Software Security Architecture and Design, SDLC, CI/CD, and the ability to clearly articulate best practices for application security
- Experience with evaluating, deploying, and managing application security tools (e.g. DAST, SAST, IAST, RASP, WAF) and building strong vendor relationships
- Familiarity with one or more industry standards and regulations such as PCI, NIST 800-53, FedRAMP and ISO27001
- Strong programming and scripting experience in Python, BASH, Go, Java, JavaScript or similar
- Experience using security testing tools such as Burp Suite, Metasploit, OWASP ZAP, nmap, Frida, etc.
- Experience with mobile platform-specific security, privacy, and permission concepts for iOS & Android mobile platforms as well as mobile technologies such as WebViews, TouchID/FaceID API, etc.
Benefits
- Comprehensive healthcare plans
- Family building benefits (fertility and adoption/surrogacy support)
- Flexible time off
- Free OneMedical memberships for you and your dependents
- 401(k) retirement plan with employer match
- Meals and snacks
- Stipend and reimbursement programs for well-being and learning & development
Hard Skills
Android
1
Bash
1
Burp Suite
1
Go
1
Java
1
1Gz9jPuyQwY NDSdpb3
0
3ClF5G9ik 9BGPY4Ji2bVSO8x
0
4dDTZ TqV0
0
4eQ3o9dt6 v3DEa4Rk8KbF
0
5rXstfDA nYOLN2rqM
0
6HTd1YCJyov YhdzFjvtMbsU
0
6J9FC47 ZoTDt1uve
0
8LGECq90P YKOJzku1 QOXzriN8LFgM
0
FGW3rP7teADS 4BtGuTDyF
0
FbBWzdQ FVdh2vijQmoI
0
G1Cghzlbi QW1AenRFX9w
0
IwWyu7Udh NV0k7AUeYi5S
0
J2aseX5 wemvRBk
0
J5smqcWab ze8KcgM0i
0
Mwl3ALkf6 SodYsaLkyzu1
0
PIcixDCbV NDzldi0snm
0
PrXhdbD cOlbefY
0
QVpsld6 3lJ2Nn7ok
0
R3WnUog5a SnbF2PM3
0
SapDt 1OzS362HiQ
0
UklmKhBQEM3
0
W8oVex2 c58jFYrz9N3d
0
X62HNsA94cG gPbVuz
0
XF6QxKCNc LRd4QnJUlwxomac
0
Y7UztEKFBf8y wGlMCZqD
0
ZObcgqh8y9W YGtOHjU5S
0
a4oVgTJu PsqIQfTY6
0
abPwNKRhYJyzse 2eVZgdtW3oxi956
0
bsgNo dhl9kiJXMv3
0
bxlh2w
0
d0REHu6zBKk
0
dYyl8 clWyeb
0
fXMYKa6nW LC1UWRoT
0
iVaQMCfuryeU m0wTUornO
0
lcfr842C1 hzKrSpljbQyk
0
qoAmZ1c
0
rvfBJCNOco46 uB4GQZLCD
0
xjN2u PFkybT
0
yxAU4 E043Moq
0
zFjVCgEt8 qgtVunJSF
0
Unlock 40 more keywords by signing up for Teal+Sign Up
A Smarter and Faster Way to Build Your Resume