Application Security Lead
HYPR, The Passwordless Company, is looking for an Application Security Lead to join our Technical Operations Team. This is an internal opportunity which is crucial in the success of developing our Passwordless products to the highest security standards.
As a hands on engineer, you'll be working with development teams, leadership teams, & other engineers to identify security vulnerabilities within our code. Youll conduct vulnerability assessments, perform penetration tests, (Grey, black, white) across a wide variety of application technologies & platforms across mobile & web.
- Candidate must reside in the United States
- Bachelor's degree preferred, strong preference for Computer Science field of study
- Minimum of 5 years of relevant work experience
- Conducting application security reviews & threat modeling, including code review & dynamic testing.
- Collaborating with engineers & teams to perform security architecture & design reviews of systems & applications
- Coordinating 3rd party penetration tests & bug bounty programs
- Managing & evaluating security tools - SAST, DAST, RASP, security & licensing analysis for third-party libraries & code
- Defining & maintaining application security & SDLC policies
- Developing application security training program & materials for the development teams
- Expert knowledge of a variety of application technologies, platforms, services & languages to find flaws & exploits such as:
- SQL Injection, Authentication, Privilege Escalation, Cross-Site Scripting, Cross-Site Request Forgery, Clickjacking, Business Logic Bypass
- Strong written & verbal communication skills
- Flexible & willing to accept a change in priorities as necessary
Nice to Have:
- Having the ability to create custom exploits for code
- Experience in developing application security roadmap according to SAMM/BSIMM frameworks
- Experience in serving as an escalation point for application security incidents
- Experience with participating in customer application security review meetings
- Assistance with security questionnaires & developing response knowledge base
- Experience developing customer facing documents & whitepapers on product/company application security
The Benefits of Working with HYPR:
- Long-Term stability within a high-growth sector within identity access automation.
- Our team members have a broad range of talents & skills from different technology sectors. Youll be joining a team of All Stars who consistently deliver the highest quality in all areas of customer service & success.
- An organization with a great work life balance. Many of our employees have families & responsibilities outside of the office that they are able to easily meet.
- A mission driven culture. At HYPR you will never be spinning your wheels on tasks that wont make an impact. Everything we develop is cutting edge & vital to the success & security of our clients.
- An emphasis on collaboration & access to giants in the industry. We achieve our best because we employ the best.
Work authorization: USA
Full Time Opportunity: Yes
Remote: Yes (Onsite in NY Corporate HQ)
HYPR is an Equal Opportunity Employer