BUILD WHERE YOU'RE STRONGEST

All of our portfolio companies are hiring. We’d love to help facilitate a match.

Senior Application Security Engineer

ApplyBoard

ApplyBoard

Gurugram, Haryana, India
Posted on Apr 5, 2023

ApplyBoard simplifies the study abroad search, application, and acceptance process by connecting international students, recruitment partners, and educational institutions on one intuitive and personalized platform. ApplyBoard is a mission-driven, hyper-growth organization. It has been attracting dedicated individuals for more than eight years who are inspired every day to break down barriers to international education and take their careers to new heights at a company that will invest in their career growth. Our six core values are our compass in our mission to Educate the World and the foundation of our unique company culture. As an organization built on a foundation of diversity, it’s important that our team members are representative of the students from more than 140 countries that we support.

The Opportunity:

We are currently seeking a Senior Application Security Engineer to establish, own and grow the Application Security Program at ApplyBoard. The Senior Application Security Engineer will serve as a technical interface, key adviser and subject matter expert to determine security requirements and support development, testing and delivery of secure products in a modern public cloud architecture. You will be a highly visible leader who will work closely with software development teams to ensure that security, privacy, and compliance requirements are planned for, designed, and built into software applications.

What you’ll be doing everyday:

  • As a Senior Application Security Engineer you will be responsible for supporting the organization as a source for Application Security Program leadership and expertise. You will work closely with Engineering, Product Management, DevOps and third-party groups to ensure ApplyBoard products are secure by design.

  • Represent the Security team across and outside of ApplyBoard as a subject matter expert in technology, development, and application security concepts.

  • Drive the technical direction, roadmap, and architecture blueprints of the Application Security Program.

  • Work in a leveraged manner influencing other organizations and teams across ApplyBoard with application security approaches and a focus on problem solving.

  • Support and consult with Product and Engineering teams in the area of application security.

  • Participate in and support application security reviews and threat modeling, including code review and dynamic testing.

  • Own and perform application security vulnerability management.

  • Facilitate and support the preparation of security releases.

  • Perform application testing and review security test results from scans and penetration testing to identify viable vulnerabilities that may be exploited and propose remediation solutions or mitigation controls.

  • Develop security controls and processes for products and services developed and deployed in a cloud environment.

  • Develop and implement metrics and reporting processes to track security-related risks or policy gaps and correlating action plans to ensure issues are resolved.

  • Perform threat modeling, conduct security architecture reviews and provide training to architects and developers to enhance adoption of secure coding practice within the product development lifecycle.

  • Conduct authorized offensive security operations to emulate adversary tactics and procedures to test preventative, detective and response controls.

  • Provide security related coaching, training and expertise to drive and elevate security expertise within the development teams

  • Responsible for promoting, designing, and evaluating application security in all phases of the software development life cycle, and constantly looking for innovative ways to improve processes.

  • Lead in development of automated security testing to validate that secure coding best practices are being used.

  • Support and evolve a Bug Bounty Program.

What you bring to the table:

  • Advanced degree in Computer Science, Security and/or Technology, or the equivalent combination of education, training or experience

  • CISSP, CISM or other related Information Security certifications

  • Certified Penetration Testing Professional (CPENT) or equivalent

  • 10+ years previous experience on a Security Operations, Software Development, Application Security team, or relevant education

  • Significant experience in the field of cybersecurity and/or application security, including time as an engineer writing code, conducting code reviews or in a senior role contributing to secure software design, development and testing processes

  • Strong understanding and experience with common security libraries, security controls, and common security flaws.

  • Deep understanding of OWASP Top 10 and CWE 25; with proven track record and experience in implementing and integrating remediation strategies

  • Basic development or scripting experience and skills in multiple languages. Ruby and Ruby on Rails is preferred

  • Expert understanding of Internet security issues, application security technologies, cloud architectures, and threat landscape concepts

  • Expert understanding of the Software as a Service (SaaS) model

  • Well versed in web application design, penetration testing, application risk assessment and risk categorization

  • Success in implementing effective Secure SDLC frameworks across a large corporation.

  • Experience in managing application security testing tools like SAST, DAST and Open Source Vulnerability Scanning

  • Ability to effectively present and communicate security threats and risks to any audience and impress upon them the mitigation techniques and strategies

  • Candidates should be familiar with waterfall and agile development processes and have experience integrating secure development practices into both models.

  • Highly effective communicator; well-honed influencing and negotiating skills

  • Solid problem solving and analytical skills; able to quickly digest any issue/problem encountered and recommend an appropriate solution.

  • Self-motivated; able to work independently; able to negotiate and bring consensus to diverse priorities of product development and solution teams

Ideally, you also have experience with some of:

  • Project Management Professional (PMP) or Certified Project Management Practitioner (CPMP) is considered an asset

  • Hands on experience architecting, automating, maintaining, and securing Cloud Computing Platforms - AWS experience a plus.

  • Demonstrated track record of cultivating strong working relationships and driving collaboration across multiple technical and operations teams

  • Strong data analysis skills; the ability to run data analysis and synthesize data to make on-point business decisions

About ApplyBoard

ApplyBoard empowers students around the world to access the best education by simplifying the study abroad search, application, and acceptance process to more than 1,750 institutions across Canada, the United States, the United Kingdom, Australia, and Ireland. Headquartered in Kitchener, Ontario, Canada, and with an additional operational office in Gurugram, India, ApplyBoard has helped more than 600,000 students from over 150 countries fulfill their study abroad dreams since 2015.

In 2022, Deloitte named ApplyBoard one of the fastest-growing technology companies in Canada for the fourth consecutive year, ranking #30 on the Deloitte Technology Fast 50 and #170 on the 2022 Deloitte Technology Fast 500 list. ApplyBoard ranked on LinkedIn’s 2022 Top Startups List in Canada in 2020, 2021, and 2022 and was recognized as CIX’s Innovator of the Year 2022 and the EY Entrepreneur of the Year 2022 Ontario Winner. In 2023, ApplyBoard India was Great Place to Work® Institute (India) certified for outstanding employee experience and workplace culture.

Thank you for your interest in joining ApplyBoard on our mission to Educate the World. Please note that only qualified applicants that have been selected for an interview will be contacted.

ApplyBoard welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process.