Sr. Product Security Engineer at SailPoint

| Austin
Sorry, this job was removed at 4:11 p.m. (CST) on Tuesday, February 23, 2021
Find out who's hiring in Austin.
See all Developer + Engineer jobs in Austin

About Us

SailPoint is the Worldwide Leader for Enterprise-Class IAM. We minimize risk and maximize business growth by managing access to data and resources across your enterprise. We do it effectively and securely for every person who interacts with your organization—any user, on any device, anywhere in the world. We were first to recognize that companies could benefit from an approach to identity that addresses both IT and business priorities. We developed a unique, risk-based model and leveraged that approach for everything from compliance to user provisioning. Then we followed that with the industry's first solution for truly extending enterprise identity management to applications in the cloud.

 

Today, we offer comprehensive products that can handle enterprise IAM on-premises or as a cloud-based service. This gives you the freedom to choose the best solution for your current needs, while at the same time establishing a clear path for future growth.

SailPoint is seeking an Application Security Engineer to join our Security Team. Candidates should have a thorough understanding of the Software Development Lifecycle (SDLC), from initial design through ongoing penetration testing to vulnerability remediation. In this role, you will identify and validate vulnerabilities, work with engineering teams to identify the root cause and provide practical recommendations to remediate identified issues. We’re looking for a well-rounded engineer with a breadth of knowledge in application security.

 

Responsibilities:

  • Perform design and code reviews for security best practices.
  • Evaluate security vulnerability scan (SAST/DAST/IAST) findings and enforce remediation lifecycles.
  • Research, investigate and perform risk analysis of new findings surfaced by various application security tools and services.
  • Educate developers on application security best practices throughout the SDLC.
  • Support software developers in triaging and remediating security issues.
  • Manage tuning and filtering of security tooling to help remove false positives or false negatives.
  • Evangelize security tooling throughout the organization.
  • Be an influencer of change while maintaining a strong relationship with the engineering organization.
  • Support vendor and partner security assessments
  • Contribute to creation of security training and deliver to internal teams
  • Coordinate and manage third party penetration test.
  • Build and maintain bug bounty program
  • Develop tooling and automation to facilitate continual testing and increase coverage
  • Prepare reports on project progress and present results to internal and external development teams and management
  • Contribute to maturing process, policy and standard guidance

 

Background & Experience:

  • Strong sense of ownership, urgency and drive.
  • Ability to proficiently code in Java, Objective-C, C++, Python and NodeJS.
  • Ability to understand various application code base regardless of the programming language.
  • Ability to describe security best practices to software development / engineering teams.
  • Ability to understand complex software architectures and their deployment models.
  • Ability to understand security issues identified by security scans regardless of application programming language.
  • Solid understanding of web application security frameworks, including OWASP Top 10
  • Ability to research, analyze, and understand known and new CVEs
  • Strong knowledge of CI/CD build systems, microservices, and continuous integration/deployment practices.

 

Qualifications

  • 1+ years of experience as a Software Developer or Security Engineer with active design & development experience in languages such as Java, Python, Objective-C and NodeJS.
  • In-depth application development knowledge at least one of the following: Java, Python
  • Experience with enterprise management of SAST/DAST/IAST tools.
  • Experience working in collaboration with software engineering organizations to improve security posture.
  • Must be self-directed and able to work independently as well as in a team environment.
  • Resourceful in finding solutions.
  • Proven consulting and facilitation skills.
  • Excellent verbal and written communication skills.

 

Education:

Bachelor's degree in Computer Science or other technical discipline, or equivalent experience. Some combination of the following security certifications: OSCP, OSWE, CTP, GIAC, CPT/CEPT, etc. AWS or other cloud solution provider certifications a plus.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

 

 

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
    • JavaLanguages
    • JavascriptLanguages
    • PythonLanguages
    • RLanguages
    • RubyLanguages
    • SqlLanguages
    • Twitter BootstrapLibraries
    • AngularJSFrameworks
    • Node.jsFrameworks
    • SparkFrameworks
    • SpringFrameworks
    • MySQLDatabases
    • RedisDatabases

Location

11120 Four Points Drive, Austin, TX 78726

What are SailPoint Perks + Benefits

SailPoint Benefits Overview

Experience a Small-company Atmosphere with Big-company Benefits

Culture
Volunteer in local community
Partners with Nonprofits
Friends outside of work
Eat lunch together
Intracompany committees
Daily stand up
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Open office floor plan
Diversity
Documented equal pay policy
Mean gender pay gap below 10%
Diversity Employee Resource Groups
Hiring Practices that Promote Diversity
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Onsite Gym
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Employee Stock Purchase Plan
Performance Bonus
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Remote Work Program
Family Medical Leave
Company sponsored family events
Vacation & Time Off Benefits
Unlimited Vacation Policy
Paid Holidays
Perks & Discounts
Beer on Tap
Casual Dress
Company Outings
Game Room
Stocked Kitchen
Some Meals Provided
Happy Hours
Parking
Recreational Clubs
Home Office Stipend for Remote Employees
Professional Development Benefits
Job Training & Conferences
Lunch and learns
Promote from within
Mentorship program
Online course subscriptions available
More Jobs at SailPoint56 open jobs
All Jobs
Finance
Data + Analytics
Design + UX
Dev + Engineer
HR + Recruiting
Internships
Legal
Marketing
Operations
Product
Project Mgmt
Sales
Developer
new
Austin
Operations
new
Austin
Operations
new
Austin
Project Mgmt
new
Austin
Marketing
new
Austin
Project Mgmt
new
Austin
Design + UX
new
Austin
Marketing
new
Austin
Sales
new
Austin
Operations
new
Austin
Sales
new
Austin
HR + Recruiting
new
Austin
Project Mgmt
new
Austin
Sales
new
Austin
Developer
new
Austin
Developer
new
Remote
Developer
new
Austin
Product
new
Austin
Developer
new
Austin
Developer
new
Austin
Developer
new
Austin
Sales
new
Austin
Developer
new
Austin
Finance
new
Austin
Finance
new
Austin
Developer
new
Austin
Data + Analytics
new
Austin
Developer
new
Austin
Developer
new
Austin
Developer
new
Austin
Developer
new
Austin
Developer
new
Austin
Developer
new
Austin
Developer
new
Austin
Finance
new
Austin