Application Security Engineer
We’re hiring on the Blackbaud Application Security team. As a member of the Cyber Security organization at Blackbaud, the Application Security Engineer is a specialized position that plays a key role in securing software built and/or used by Blackbaud. You can expect to work closely with software development teams as well as third party organizations to ensure that security, privacy, and compliance requirements are planned for, designed, and built into software applications at Blackbaud. In addition to securing software you will be expected keep tabs on what’s happening in the industry in order to optimize and align our application security processes and systems throughout the Software Development Lifecycle at Blackbaud.
The Application Security Engineer is expected to identify solutions for common security problems while participating in a broader agile Application Security team working on security reviews, building relationships with developers and engineers across the organization, and executing complex projects with minimal oversight.
The Application Security Engineer is responsible for promoting, designing, and evaluating application security in all phases of the application life cycle. He/she is also responsible for application security and influencing, building, and assisting with information security challenges within applications.
What we’re looking for:
You are either a security interested software engineer who has been building modern, microservice oriented software in agile development, or a development interested security practictioner who understands security best practices, but wants to get closer to development and engineering.
This role will involve highly technical engagement with development and systems engineers. Familiarity with common application security tools is nice to have, but understanding of software, how it’s designed, how it’s built, and how it can be broken is critical. Exposure to and understanding of programming languages and ability to understand code is important.
A successful candidate may have some exposure to various application security testing tools like Burp Pro, OWASP Zap, or various other commercial common offerings for application security testing and analysis. On the development side, a successful candidate is familiar with software development processes like Continuous Integration and Continuous Development release cycles, waterfall release cycles, DevSecOps cultural mindsets, and an engineering focused approach to solving common security problems.
The AppSec team at Blackbaud is committed to ensuring security issues are prevented, discovered, and remediated in collaboration with our engineering partners across the business.
If that description fits your approach to security, we’d love to chat with you about what you can do to help our mission!