Application Security Engineer

This job is the opportunity of a lifetime for an experienced application security professional looking to help define and implement the application security program, culture, and tooling of a purpose-driven technology startup in the adventure-rich Lake Tahoe area. 

In this job,  you will be a mentor and partner to our development and engineering teams. You will be THE subject matter expert regarding security in our software development life cycle (SDLC), and you will help build a culture of security within our development and engineering practices. You will be responsible for implementing security automation and frameworks as well as performing manual penetration testing. And you will search out vulnerabilities and be an active participant in remediation and process improvements. 

Reporting directly to the Chief Security Officer, this position is part of a highly-skilled security team working to develop secure architectures, patterns, and solutions from the ground up.

Key Expectations
  • Act as a security advisor to product managers and developers to ensure we design confidentiality, integrity, resiliency, and privacy into our services
  • Perform code reviews and work directly with developers to ensure effective and secure code development practices
  • Create security specifications, develop processes, and evaluate tools to aid in the secure development of cloud services
  • Drive adoption of security best practices and embedded cloud security controls as part of the SDLC
  • Implement security automation and frameworks for code quality and testing
  • Assist in the implementation of security-related product features like authentication, cryptography, etc.
  • Evaluate third-party Cloud services, systems, tools, and solutions
  • Perform penetration testing and assist with remediation of findings
  • Think creatively, own problems, seek solutions, and communicate clearly along the way
  • Contribute to a collaborative environment deeply rooted in learning, teaching, and transparency

Desired Skills and Experience
  • Bachelor's degree in Computer Science or equivalent practical experience
  • 5+ years’ experience in the application security and security engineering space
  • Programming experience with languages such as Python, Java, Scala, etc.
  • Knowledge of continuous integration tools (Jenkins, Git, etc.)
  • Experience with security best practices and solutions in AWS
  • Familiarity with security in serverless architecture and application designs
  • Solid understanding of application security vulnerabilities (OWASP top 10) and countermeasures to reduce related risks
  • Experience with dynamic and static security code analysis tools
  • Experience with common pentesting tools and services
  • Experience with vulnerability scanning tools
  • An aptitude for problem-solving
  • Ability to communicate effectively with colleagues at all levels
  • Serious interest in having fun at work

About Ridgeline
Ridgeline was founded by Dave Duffield in late 2017 to develop enterprise software for the investment management industry. Headquartered in the Lake Tahoe Basin, Ridgeline’s employees enjoy the lake-in-the-mountains setting and quality of life the location offers.

These company core values guide our collective and individual behavior, decisions, relationships, and points of view: Employees, Customers, Integrity, Innovation, Fun, and Profitability. If these values frame what’s important to you, perhaps you’re one of us.

Ridgeline is proud to be a community-minded, discrimination-free equal opportunity workplace.

Please contact careers@ridgelineapps.com for additional information.

Want to apply later?

Type your email address below to receive a reminder

Apply to Job

ErrorRequired field
ErrorRequired field
ErrorRequired field
Error
Error
insert_drive_file
insert_drive_file