Senior Software Engineer - Security Engineering
**This position is based in Austin, TX**
Who you are: Do you live, eat, and breathe security? Are you someone who sees clever ways to break the rules in an application? Do you enjoy capture the flag or hacking challenges? Spiceworks just might have a position for you! We’re looking for a razor sharp engineer to help strengthen the security of our products for IT pros. If you’re a security fanatic who tirelessly fine-tunes their craft and seeks to improve their pen testing skills – it’s time to apply!
Who we are: Launched in 2006, Spiceworks is an Austin-based company that’s shaking up the tech space and transforming how products (hardware, software, and IT services) are marketed and sold to millions of IT professionals around the world. Thousands of tech brands (including Microsoft, Dell, HP, and Rackspace) use Spiceworks to reach and connect with these IT pros. Historically a tough market to reach, vendors love the unique ways Spiceworks helps them connect with this elusive market… so much so that Forbes touted us “the future of media.”
What makes Development at Spiceworks different: We take a lot of pride in the culture we've created here at Spiceworks. Read all about it from the words of our CTO and Co-Founder, Francis Sullivan. Also, be sure to check out Fix It Week - a practice that has grown in the Dev department and one our team finds instrumental in their overall success.
ResponsibilitiesYour day-to-day (as a Stellar Software Security Engineer, you’ll):
- Evaluate the design and development of product features and services
- Help secure the products that are used daily by millions of IT pros around the world
- Work directly with our external researcher program as well as experienced security engineers who are experts in the industry
- Work on every level of the stack – frontend to backend, and everything in between
- Educate, train and work collaboratively across the development teams to implement security best practices
What does it take to do this job?
- 5+ years of security experience
- Hands on penetration testing experience or vulnerability assessment
- Awareness of OWASP Top Ten and other types of web attack patterns
- Security audit tool experience is a plus
- Object-oriented programming skills with Ruby (Python or equivalent)
- Application and/or Web Application experience is a must
- Familiarity with HTML, CSS, JavaScript and Ruby-On-Rails (Django or equivalent)
- Experience with REST APIs is a plus
- Solving large-application/user-level problems, performance, scalability, etc.
- Skilled with distributed software (native or webapp) is a plus
- Some experience with SQL is desired
- BS or BA in math, engineering, computer science or related field preferred
Looking for all levels of experience.