Application Security Engineer
Bullhorn is looking for an Application Security Engineer to join our IT team.
Bullhorn is the leading global software provider for the staffing and recruitment industry. More than 10,000 companies rely on Bullhorn’s cloud-based platform to power their staffing processes from start to finish. Through our incredible products and services, we create raving fan customers, resulting in company growth that consistently offers new opportunities for our talent to advance their careers. 25% of our global workforce gets promoted or moves into a new role every year, expanding their skills and working with new people. Bullhorn is large enough to provide these exciting opportunities but small enough to maintain the energy of a startup, and we’re consistently ranked as a great place to work for our strong culture and rewarding career opportunities.
Our commitment to our employees: Every Bullhorn employee has a sense of belonging, a voice that is heard, and a clear path to success. Bullhorn offers unlimited planned vacation, great opportunities for career development, quarterly paid volunteer days through its philanthropic group Bullhorn Cares, and an open invitation to Bullhorn Allies groups, which celebrate and cultivate diversity and inclusion for all employees.
Our in-office employees enjoy a casual, collaborative environment with weekly catered-in lunch and breakfast, and quarterly social events. While working from the comfort of their own homes, our remote employees are provided a full equipment package with all the tools they need to perform their role. We use Zoom, Slack, and other tools to stay connected while we are remote.
Why this job is important:
As an Application Security Engineer at Bullhorn, you will lead the Application Security Program on the Information Security team. You will work hand-in-hand with developers to implement and mature security tools, advise on best practices, and promote security initiatives. A successful candidate for this position will have excellent communication skills, a strong understanding of application security and risk, and the ability to lead cross-functional teams.
The person in this role will assist in ensuring that Bullhorn’s web applications are secure. They will provide security input throughout the software development lifecycle, from developer security training to penetration testing and web application firewall tuning. They will empower developers to perform security checks on their applications using Shift Left principles.
As an Application Security Engineer, a typical day might include:
Evaluating and prioritizing vulnerabilities with development teams
Interpreting the results of penetration tests and security scans to provide risk-based recommendations for remediation
Recommending best practices for security in application design and development
Delivering secure coding training courses and facilitating security tournaments
Tuning WAF deployments to increase protections
Coordinating penetration tests for SaaS applications
This job might be for you if you have:
2+ years of application security experience, preferably working with SaaS applications
Experience with application security penetration testing and/or static/dynamic application security assessments (SAST/DAST)
Familiarity with the Software Development Lifecycle (SDLC) and associated tools (Git, Jenkins, Jira)
A deep understanding of common application vulnerabilities, including OWASP Top 10
Experience writing enterprise security standards, policies, and coding guidelines
Bonus points for:
Knowledge of one or more software languages such as Java, .Net, Python, PHP
Experience with Akamai Kona and/or Imperva (Incapsula) Cloud WAF
Experience securing Docker, Kubernetes, or other containerization technology
Knowledge of 3rd party library security tools like Black Duck, Veracode SCA, Snyk, or other software composition analysis technology
OSCP, GWAPT, GPEN, GXPN, CEH or other security certifications
Bullhorn is committed to our core values and we are looking for people who exhibit these traits:
Service - You go beneath the surface to solve problems.
Energy - You build up your teammates and leave people positively charged.
Ownership - You take action and own up to your mistakes.
Speed & Agility - You go around obstacles and demonstrate urgency.
Being Human - You consider other people's perspectives, laugh, and have fun.
#LI-LB1