Senior Application Security Consultant-19000TLF
We are looking for great talent with the mission of guiding and evangelizing security for a cloud software company. As a Senior application security consultant you will focus on identifying and solving systemic problems, collaborating with our engineering teams, establishing best practices for our security program, and promoting good security practices throughout NetSuite. The ideal candidate loves architecting, building and breaking software. This is a job where details matter, and there are many details, including all of web security, mobile security, cloud security and software security. You must be able to tell the difference between a big problem, a minor weakness, and a false positive. You must help developers understand security concepts and practices.
Collaborate with application security management on program direction, team growth, and on addressing systemic security issues
Identify areas where our programs can be improved (especially through automation), and where possible implement those improvements
Identify, reproduce, and report security issues
Collaborate with software engineers to make our software better
Conduct internal security reviews
Collaborate with internal compliance personnel to identify and understand vulnerabilities related to compliance obligations
Mentor and act as a Subject Matter Expert for R&D Staff on all application security issues
B.S. in Computer Science, Computer Engineering, or related field
4+ years in the field of software development and/or application security
Strong ethics and understanding of ethics in information security
Knowledge of ISO-27001, BSIMM, OpenSAMM, Common Criteria, CLASP or other security frameworks and methodologies.
Programming experience (Python, .NET, Go, Java, C/C++, PHP). We are primarily a Java shop, but we work with multiple programming languages daily.
Experience working in an Agile development environment.
Capable of working independently
Ability to efficiently manage multiple tasks
Excellent communication skills in English
Experience speaking at security conferences or clubs are a plus
Recognized industry certification and/or continuing education programs are a major plus.
Detailed Description and Job Requirements
Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc.
As a member of the software engineering division, you will take an active role in the definition and evolution of standard practices and procedures. You will be responsible for defining and developing software for tasks associated with the developing, designing and debugging of software applications or operating systems.
Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Leading contributor individually and as a team member, providing direction and mentoring to others. BS or MS degree or equivalent experience relevant to functional area. 7 years of software engineering or related experience.