Application Security Engineer
Application Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
About InvoiceCloud:
InvoiceCloud is a fast-growing fintech company with an award-winning culture and a leading disruptor in the electronic bill presentment and payment (EBPP) space. Serving more than 3200 customers across the utility government and insurance industries InvoiceClouds secure and innovative SaaS platform enhances the customer experience driving higher digital payment AutoPay and paperless adoption rates. By switching to InvoiceCloud clients can improve customer engagement and satisfaction while lowering costs accelerating payments and reducing staff workloads. To learn more visit.
Mission:
Excellence in technology information security and regulatory compliance are foundational to our success. While complex software development lifecycle (SDLC) processes are supported and automated by advanced systems their effectiveness depends on consistent reliable execution across all business functions. This challenge is amplified by variations in coding practices and development pipelines across teams and organizations. To meet these demands a comprehensive and integrated application security program must be clearly defined diligently maintained effectively implemented and consistently measured to ensure that every application we deliver achieves the level of security expected by both our company and our customers.
The Application Security Engineer plays a key role in reducing risk across InvoiceClouds platform by driving the application security program. This role requires strong attention to detail persistence expertise in application security and programming languages planning skills self-motivation organization communication and problem-solving abilities. The Application Security Engineer will own all aspects of creating fostering implementing and maintaining an application security program across the firm. The primary objective of this position is to consistently identify prioritize and mitigate risks related to application security in an effective manner.
Responsibilities:
- Lead application security reviews and threat modeling including code review and dynamic testing.
- Own and perform application security vulnerability management.
- Lead product and development teams in application security.
- Lead development of automated security testing to validate that secure coding best practices are being used.
- Guide and advise product development teams as SMEs in the area of application security.
- Work closely with developers to help improve the security of their products and services as well as designing technical solutions to address security weaknesses and working with relevant stakeholders to implement them.
- Serve as the liaison between management and development resources for matters pertaining to application security initiatives.
- Serve as the point of contact regarding overall application security program process.
- Interact with development personnel management consultants and other company personnel to proactively and reactively maintain security risk objectives.
- Collaborate in the creation maintenance of IT control matrices and IT process documentation for various compliance requirements (PCI DSS NIST CSF Enterprise Risk & Security and Operations Applications and ITGC procedures).
Qualifications:
This role has privileged access to highly sensitive information intellectual property legal matters and complex business scenarios. The successful candidate has:
- Bachelors in Computer Science Information Technology or related is preferred
- 5 years of application security experience
- Hands-on experience across SDLC activities such as threat modeling secure code review vulnerability management and penetration testing
- Certifications such as CISSP CSSLP CEH OSCP or GIAC preferred
- Upholds strong ethics when handling sensitive and confidential information.
- Experience analyzing system services spotting issues in code networks and applications from a security perspective has troubleshooting skills to recognize security issues that appear under new threat scenarios.
- Demonstrated knowledge in resolving vulnerabilities in various programming languages JavaScript and Python.
- Demonstrated knowledge and ability to deploy tools methodologies and controls to reduce application security risk.
- Possesses strong decision-making capabilities and an ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
- Foundational knowledge of deploying and securing SaaS applications and cloud environments
Personal Skills
- Optimistic persistently driving for the positive outcome
- Team player; collaborative and can work independently.
- Excellent coordination and orchestration abilities
- Strong work ethic interpersonal skills time management planning and execution skills
- Resourceful collaborative out of the box thinking
- Demonstrates a personal code of ethics integrity and trust
- Able to successfully navigate within varying degrees of ambiguity in a fast-paced environment
- Efficient communications skills (written/verbal) and interpersonal savvy
- Possess a good sense of self and a strong approachable personal presence.
- Possess the determination to get results without harm provide transparent feedback and prioritize a positive outcome.
InvoiceCloud is an Equal Opportunity Employer.
InvoiceCloud provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race color religion age sex national origin disability status genetics protected veteran status sexual orientation gender identity or expression or any other characteristic protected by federal state or local laws.
This policy applies to all terms and conditions of employment including recruiting hiring placement promotion termination layoff recall transfer leaves of absence compensation and training.
If you have a disability under the Americans with Disabilities Act or similar law or you require a religious accommodation and you wish to discuss potential accommodations related to applying for employment at our company please contact .
Click here to review InvoiceClouds Job Applicant Privacy Policy.
To all recruitment agencies:InvoiceCloud does not accept agency resumes. Please do not forward resumes to our jobs alias employees or any other organization location. Invoice Cloud is not responsible for any fees related to unsolicited resumes.
Employment Type
Full Time
