[Remote] Application Security Engineer
Note: The job is a remote job and is open to candidates in USA. Virtru is a company focused on redefining data security by enabling intentional sharing without sacrificing security, privacy, or control. The Application Security Engineer will be part of an innovative product security team, responsible for collaborating with development teams to strengthen security practices, manage vulnerabilities, and conduct security assessments.ResponsibilitiesCollaborate with development teams, Site Reliability Engineering, and other stakeholders to strengthen the adoption of security best practices throughout the SDLCIndependently identify security improvements and implement themImplement, manage, and automate vulnerability management processesPrioritize and remediate vulnerabilities discovered through internal scans, penetration tests, and bug bountiesConduct threat modeling, code audits, design reviews with engineers to ensure effective and secure developmentCollaborate in providing actionable recommendations to find workable solutionsEstablish a threat hunting capability and automate where appropriateEnhance logging capabilities related to security eventsIntegrate and manage dynamic and static code analysis toolsEnsure operation of security tools within the development pipelineSkills4+ years experience in secure development or application securityDeep knowledge of security concepts such as authentication, web architecture, etcExperience with Nodejs, Go, etcExperience running bug-bounty, penetration testing, vulnerability scanning programsExperience setting up and maintaining SAST, DAST, IAST and SCA toolingExperience using assessment tools such as Burp, ZAP, Qualys, Nessus, etcExperience building and maintaining WAF solutionsFamiliarity with industry security practices, standards, and regulations such as FedRAMP, SOC2, HIPAA, etcFamiliarity with GCP/AWS and Kubernetes infrastructure securitySelf-motivated and goal driven, able to find what needs to be done and do itBenefitsA **Flexible PTO policy** — we strongly encourage you to take time off (in addition to 14 holidays) to ensure that you are getting the proper time needed to unplug and recharge.A $1,500 annual **Learning & Development Stipend** focused on providing you the resources to continually learn and professionally grow.Frequent company-sponsored **team celebrations** that provide ample opportunities to connect with teammates and be social!Access to an **Employee Assistance Program**Access to **Headspace**, a mental health app tailored to your specific needs.A flat 3% contribution to your retirement account**A high degree of flexibility** — Have an appointment, errand, or family emergency to take care of? Hop to it! We give you the time and space to take care of you and your own first.Competitive compensationGenerous parental, medical, and bereavement policies401K contribution and stock optionsFull medical, dental, and vision benefitsNew Hire Swag and IT Welcome boxesStructured semi-annual 360° performance reviewsCompany OverviewVirtru provides data encryption for email and file sharing, enabling users to easily control access to their sensitive data. It was founded in 2012, and is headquartered in Washington, District of Columbia, USA, with a workforce of 201-500 employees. Its website is https://www.virtru.com.