Senior Application Security Analyst
At SailPoint, we do things differently. We understand that a fun-loving work environment can be highly motivating and productive. When smart people work on intriguing problems, and they enjoy coming to work each day, they accomplish great things together. With that philosophy, we’ve assembled the best identity team in the world that is passionate about the power of identity.
As the fastest-growing, independent identity and access management (IAM) provider, SailPoint helps hundreds of global organizations securely and effectively deliver and manage user access from any device to data and applications residing in the data center, on mobile devices, and in the cloud. The company’s innovative product portfolio offers customers an integrated set of core services including identity governance, provisioning, and access management delivered on-premises or from the cloud (IAM-as-a-service).
SailPoint is seeking a Senior Application Security Analyst to join the engineering team for our IdentityIQ and SecurityIQ products. As a Senior Application Security Analyst, you will participate in all phases of the software development lifecycle driving security principles and best practices into our products. You will help ensure that the team and products are compliant with SailPoint’s security and privacy standards. You will have the opportunity to communicate with security leaders at our partners and customers about the security of our products. Communicating with your team members will be essential to your team’s success, as will the ability to juggle multiple tasks and deadlines.
Responsibilities:
Define and refine standards and processes related to secure software development
Identify application security requirements and contribute to design reviews, code reviews, and test plan development
Perform threat modeling and application security architecture review
Research and evaluate new security trends and technologies
Ensure compliance to SailPoint's security and privacy standards
Participate, respond, and ensure compliance to security assessment findings
Work closely with the CISO and other security team members across SailPoint
Participate in activities that increase security awareness
Minimum Qualifications:
BS degree in Computer Science or related fields or equivalent
3+ years in enterprise application security with Java and/or .NET applications
Excellent verbal and written communication skills
Deep understanding of web application security
Experience with static and dynamic security testing and penetration testing
Understanding of network protocols
Experience with software development tools such as IDEs, source code repositories, and continuous integration and build tools
Preferred Qualifications:
Exposure to security compliance frameworks such as SOC or ISO
Heavy involvement in the security industry, including authoring white-papers or participating in security competitions