Sailthru is the largest sender of personalized email on the planet. But were so much more than an email provider or cross-channel marketing hub. Were committed to creating true partnerships with our clients, not just being another vendor. Working with some of the biggest names in ecommerce & publishing, we help deliver personalized email, mobile messaging, & onsite experiences to billions of consumers.
Sailthru is proud to be part of the CM Group, a world-class portfolio of technology products including Campaign Monitor, Deliver, Emma, Liveclicker, & Vuture. Our mission is to be the most respected, fastest growing marketing technology company in the world. We have teams all over the globe from NYC to San Francisco to London to New Zealand making it a reality.
Sailthru is looking for an Application Security Engineer in our NY office with an understanding of application security, secure software architecture & design principles, the software development lifecycle, & the cloud to join our growing Engineering team. You will be a key member of our engineering team, working hands on with our team & code base to not just fix security issues, but also design & architect secure solutions to help us shift left on security & improve the overall security posture of the platform.
What Youll Do
- Collaborate with our engineering & product teams to improve the security posture of new features in their design phase (shifting left on security)
- Work hands on with our engineering teams to resolve security issues & harden the platform from potential security vulnerabilities
- Manage & automate security processes involved in the SDLC (CI/CD, static code analysis tools, etc.)
- Partner with our global security team & outside vendors, participating in security assessments of networks, systems & applications delivered internally & externally
- Deliver education on secure coding practices to product engineering teams. Be an advocate for security best practices in engineering & the broader org.
You are smart, autonomous, confident, personable & friendly, & you communicate clearly & respectfully. You have a background in secure software design, software engineering, & security / cloud operations. You live & breathe security best practices & are passionate about learning new security challenges & trends.
- Relevant BA / BS degree in Computer Science, or equivalent experience
- Strong understanding of application security architecture & the ability to articulate best practices in application security.
- Experience working with Java, PHP, & Python strongly preferred
- Excellent communication skills. A demonstrated ability to explain complex technical issues all audiences.
- Strong, proven experience integrating application security into SDLC & CI/CD processes including automated workflows
- Familiarity with securing AWS-based infrastructure & services
- Good understanding of how web applications work, from the underlying network protocols (HTTP, TCP) through to web server (IIS, nginx, Apache), browser behavior & everything in between
- Passion for security & automation
- Ability to work autonomously & as part of a global team, communicating & coordinating regularly with our Sydney, Australia-based security team