Sorry, this listing is no longer accepting applications. Don’t worry, we have more awesome opportunities and internships for you.

Application Security Engineer

MasterControl

Application Security Engineer

San Francisco, CA
Full Time
Paid
  • Responsibilities

    Job Description

    ABOUT MASTERCONTROL:

    MasterControl Inc. is a leading provider of cloud-based quality and compliance software for life sciences and other regulated industries. Our mission is the same as that of our customers to bring life-changing products to more people sooner. The MasterControl Platform helps organizations digitize, automate and connect quality and compliance processes across the regulated product development life cycle. Over 1,000 companies worldwide rely on MasterControl solutions to achieve new levels of operational excellence across product development, clinical trials, regulatory affairs, quality management, supply chain, manufacturing and postmarket surveillance. For more information, visit www.mastercontrol.com.

    SUMMARY

    The Application Security Engineer will shift security left and help development teams move fast while hitting risk benchmarks. The Application Security Engineer will be responsible for integrating security into the development of applications. The engineer will work closely with product and software development teams to threat model, vulnerability scan and penetration test the software, system and architecture while identifying the required control points in the application stack. They will also closely work with developers to diagnose, document and remediate security vulnerabilities. The engineer will also be responsible for evaluating, recommending, and implementing security related software on the SDLC. Further, the engineer must be comfortable leading and training developers in security best practices.

    RESPONSIBILITIES

    • Security Code/Design reviews
    • Application Security Architecture
    • Code level penetration testing
    • Security training and outreach to internal development teams
    • Security guidance documentation
    • Security tool development
    • Security metrics delivery and improvements

    PREFERRED SKILLS

    • 3+ years of Development experience
    • Intimate knowledge of the OWASP 10 and the corresponding mitigations.
    • An understanding of network and web related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
    • An understanding of Domain Driven Design.
    • Experience with multiple programming languages (such as, Java, C++, Ruby, Python, Perl, etc.)
    • Excellent written and verbal communication skills
    • Possess self-drive to keep moving things forward even in the face of ambiguity and imperfect knowledge (avoid "analysis paralysis")
    • Strong understanding of application security frameworks
    • Knowledge of Burp, SAST, DAST, SCA, OSS, RASP, IAST etc
    • Offensive security certifications such as GXPN, GWAPT, OSCP, OSCE and OSEE.

    PHYSICAL DEMANDS AND WORKING CONDITIONS

    • Must be able to work well with people.
    • Ability to operate a computer and work at a desk for extended periods of time.
    • Ability to communicate effectively in writing, in person, over the telephone and in e-mail.

    WHY WORK HERE?

    #WhyWorkAnywhereElse?

    MasterControl is a place where Exceptional Teams come together to do their best work. In fact, hiring Exceptional Teams is a core value of ours. MasterControl employees are surrounded by intelligent, motivated, and collaborative individuals. We like to call it #TheBestTeamOnThePlanet.

    We work hard to develop and challenge our employees' skillsets, recognize their contributions, encourage professional development, and offer a one-of-a-kind culture. This is why we say #WhyWorkAnywhereElse?

    MasterControl could be your next (and last) career move!

    Here are some of the benefits MasterControl employees enjoy:

    • Competitive compensation
    • 100% medical premium coverage (yes, you read that right!)
    • 401(k) plan with company match
    • Generous PTO packages that increase with tenure
    • Schedule flexibility
    • Fitness clubs (you get paid to have fun and be active!)
    • Company parties and employee recognition programs
    • Wellness programs (free Fitbit, gym membership and athletic shoe reimbursements, etc.)
    • Onsite physician and massage therapist
    • Innovation center and gaming rooms at the office
    • Dental/vision plans
    • Employer paid life insurance policy
    • Much, much more!

    Applicants must be currently authorized to work in the United States on a full-time basis.

    JOB POSTED BY APPLICANTPRO