Cvent

Senior/Lead Application Security Engineer

Penetration Tester in McLean, VA

Posted 2019-08-27
Description

Cvent’s Information Security team is rapidly growing and seeks a Senior/Lead Application Security Engineer focused on driving and owning our application security programs with the Cvent product and development teams. This person will be conducting regular security reviews (e.g. threat modeling, SAST, DAST), working closely with our internal product and development teams to ensure timely resolution of found security gaps, and providing security assurance to our external clients. This position requires both strong technical and communication skills, with experience in finding and advising on fixes for application security vulnerabilities, and excellent oral and written communication skills to coherently relay security information to both business clients and technical audiences. This person must be able to handle multiple deadlines and high priority issues at the same time, be able to adapt quickly to shifting priorities, and drive security resolution in a fast-paced and high-profile technology landscape.

Position Duties:
Drive our secure SDLC program with product development teams, ensuring that secure coding practices, SAST, DAST, and pentesting activity occur on a regular basis
Conduct threat modeling and static/dynamic application security testing with automated and manual testing techniques
Report and triage vulnerabilities; provide metrics, track, plan, and ensure timely remediation of open issues
Collaborate and communicate effectively with product and development teams to ensure security is championed throughout their processes
Provide remediation plans and status updates on vulnerability closure to clients on a regular basis
Coordinate and negotiate security pentesting activity with clients and 3rd party vendors
Assist in technical audit activity to ensure compliance with security policies and other industry standards (e.g. PCI, ISO27001, SOC1/SOC2)

Candidate Requirements:
5+ years of experience in application security, preferably with a coding/development background
Bachelor’s degree in an Information Technology related field of study or equivalent experience; relevant, industry recognized security certification such as CISSP, CEH, GWAPT
Strong knowledge of secure coding and application security testing practices
Experience testing web applications with common application security testing tools such as Checkmarx, Burp Suite, and AppScan; experience testing mobile/API applications a plus
Exceptional communication, teamwork, and influencing skills that foster a collaborative and continuous-improvement environment
Ability to communicate technical issues to both technical and non-technical audiences
Ability to adapt to a hyper-growth pace and changing priorities
Ability to manage multiple, concurrent projects, activities, and tasks under tight time constraints
Self-motivation and the ability to work under minimal supervision

Company summary

We are the world's leading provider of cloud-based software for meetings, event management, and hospitality. Companies use our SaaS platform to handle and facilitate online event registration, venue selection, budgeting and event management, website design, email marketing, day-of-event activities, social media integration, and much more. We build elegant software that helps event planners take the event experience to their attendees via our responsive mobile web, HTML5, and native mobile apps, backed by a robust microservices architecture.

At Cvent, we know that our people make the difference and help fuel our growth – which is why we are hiring more than 1,000 people in 2018. We invest in our employees and offer a unique work environment where people can cultivate their careers and enjoy an enriching company culture, all while helping to power the human connection.

Perks

We offer competitive salary packages, an extensive benefits package for all full-time employees, including medical, dental, vision, semi-annual bonuses, 401K match, gym membership discounts and other great perks.

In addition, some intangible benefits of working at Cvent include culture: we firmly believe that our employees are the #1 priority, so a lot of our business decisions reflect our beliefs. Being a sensible business operator; being direct and offering your opinion; having a sense of urgency; being agile and quick to pivot for adaptability; making informed decisions and calculated risks; and striving to be the top 1%. We're a pretty flat organization where your voice will be heard, and your impact can be made in very far-ranging ways.

Tech Stack

Java, Javascript, Node.js, Angular, React, AWS (EC2, ECS, Lambda, RDS, S3, DynamoDB), Docker, PostgreSQL, SQL, CouchBase, Oracle, Chef, Puppet, React Native, iOS, Android

Interview process

Candidates will first speak with a member of our Talent Acquisition team, to get more information on the position and also what the fit can look like.

The next step will be to have a technically-focused phone interview with the hiring manager, and complete a few assessments. We like to do a screen share and walk through a coding exercise together.

Afterwards, the final step is to come onsite to one of our various offices where you would potentially be working, and have some one-on-one discussions with key people with whom you'll be working and whom you'll be influencing. If the match and fit are right, you can expect an offer!
