Mobile Application Security Engineer
Leading uniquely at the intersection point of technology and social good, Blackbaud provides software, services, expertise, and data intelligence that empowers and connects people to advance the social good movement. We serve the entire social good community, which includes nonprofits, foundation, corporations, education institutions, and the individual change agents who support them. We work with over 40,000 organizations, helping them realize their goals, fund their missions, manage their operations, and develop long-lasting supporter relationships. Our customers are passionate about making the world a better place, and we’re inspired by the opportunity to help them.
As a member of the Application Security team at Blackbaud, the Mobile Application Security Engineer is a specialized position in Security Engineering that plays a key role in securing software built and/or used by Blackbaud. The engineer closely works with application development teams as well as third party organizations to ensure that security, privacy, and compliance constraints are built into software applications at Blackbaud. In addition to securing applications the engineer will develop and/or purchase tools to enhance the mobile application security processes and systems throughout the Software Development Lifecycle at Blackbaud.
The Mobile Application Security Engineer is expected to identify solutions for common mobile security problems while participating in broader Application Security team security reviews/audits, execute single-component or small, multi-component projects with little to no direction, as well as design and implement practical, technical solutions based on principles of secure software.
The Mobile Application Security Engineer is responsible for promoting, designing, and evaluating application security in all phases of the application life cycle. He/she is also responsible for mobile application security and influencing, building, and assisting with information security challenges within mobile applications.
Information Security Design and Maintenance
- Perform manual and automated mobile application vulnerability assessments and document vulnerabilities which were found and provide recommendations for remediation
- Perform manual code reviews for mobile applications on systems to identify vulnerabilities as a complement to automated vulnerability assessments
- Provide security recommendations as a subject matter expert for development teams during all phases of development
- Develop tools and scripts to enhance and automate Blackbaud’s security systems and processes
- Validate vulnerability resolutions and ensure they are deployed to production in a timely manner
- Track open issues and follow up to ensure remediation
- Participate in the change management process ensuring that all releases are reviewed by security before being approved for production
- Provide guidance to application groups on application security best practices
- Enhance and deliver mobile application security training to Blackbaud engineers
- Develop mobile automated security tests that can be integrated into a product’s automated test suites
- Provides application security engineering oversight and direction for specific security technology
- Serves as mobile application security subject matter expert on security solutions; provide advisory and consulting services as needed
- Ensures integration of application development with information security policies
Continue to Build a Strong Security Program
- Draft enterprise security standards and guidelines for proper operation of mobile application security toolsets
- Develop and interpret security policies and procedures
- Evaluate and recommend new and emerging security products and technologies specific to mobile application security
- Understands current as well as emerging mobile application and code development security threats
- Stays abreast of new security technologies and integrates them into current mobile application security architecture designs when appropriate
Assess and mitigate risk
- Understand security risk to mobile applications and provide detailed remediation plans
- Assess application risks through mergers and acquisitions and recommend mitigation strategies
- Evaluate complex application security assessments and work with development teams to address findings
Education & Experience:
- College degree in Computer Science, Information Security, Information Technology or equivalent professional experience with a minimum of 4 years experience in the development of applications using various popular languages with at least 2 years of formal experience in application security.
- Certification in highly technical mobile application security or application security disciplines such as: CSSLP, CASS, GWEB, GWAPT, GPEN, CEH, CISSP, or other Mobile Security certifications.
Why you’ll want to come work here:
- Competitive salary (commission/bonus based on type of role), 4 weeks paid time off, great benefits (medical, dental, vision, FSA), 401K match
- Gift matching, volunteer for vacation program, and endless community involvement opportunities
- Named to Forbes’ Fast Tech 25 and Fortune’s Change the World List; we are growing and offer incredible opportunity for advancement
- Tremendous company culture and office perks as well as a new cutting-edge new headquarters completed in 2018
Blackbaud is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.
To all recruitment agencies: We do not accept unsolicited agency resumes and are not responsible for any fees related to unsolicited resumes.