About UsHave you ever had the opportunity to impact the lives of millions of people in a meaningful way and help them enjoy time away with their friends and families building memories?

That is what we do here at HomeAway.com, an Expedia Inc. company. We are the leading vacation rental website in the world with more than one million online bookable vacation rentals. Our mission is to make every vacation rental in the world available to every traveler in the world through our online marketplace and we're committed to helping families and friends find the perfect vacation rental to create unforgettable travel experiences together.

DescriptionThe right candidate will have multiple years of experience focusing on Application Security in Java and .NET Frameworks in the cloud. This role will be both fun and challenging, including working with various development teams to analyze, identify and report application vulnerabilities. This role will interface with various development teams and drive security requirements that affect the security posture of the company.

Required Skills & Experience

• Focused on providing application security architecture strategies, requirements and recommendations.
• Demonstrated experience with automated and manual run-time assessments and automated / manual code review.
• Demonstrated ability to conduct threat modeling.
• Demonstrated experience with secure SDLC review and development, and secure code training for developers within an agile development environment.
• Experience with source code analysis scanners such as Ounce, AppScan, and Fortify.
• Requires excellent written and communication skills, and a demonstrated technical expertise in security, programming and application vulnerabilities.
• Demonstrated development knowledge of Java and .NET frameworks.
• Demonstrated knowledge of secure coding libraries, including custom solutions.
• Ability to develop guidance, metrics, and assessment tools for improving critical infrastructure security.
• Experience with penetration testing and breaking web frameworks.
• Experience with AWS services, Node.js, Docker, and Jenkins.
• Must be able to take code / development to development teams.

Qualifications

• Bachelor's Degree or equivalent training and experience in programming, networking and security fundamentals, and application and database security.
• Two to five years of employment with significant responsibilities for enterprise application development, application security assessments, source code analysis, and/or application security vulnerability research, analysis and consulting.
• Experience in identifying application vulnerabilities, appropriate security related solutions, and strategies for risk mitigation.

Benefits

• Competitive health and insurance benefits
• Competitive salary
• Annual target bonus or commission
• Paid vacation and sick time
• Vacation rental on a yearly basis (taxable benefit)
• Employee Stock Purchase Program
• Free snacks and beverages
• Frequent company update talks with our leadership team
• Free listing on HomeAway.com
• Electric, adjustable stand-up desk
• Discounted Metro & Rail pass
• Casual dress code