Senior Application Security Engineer

November 11

Apply Now

Receive Emails with Similar Jobs

Cyberhaven

WebsiteLinkedInAll Job Openings

Cybersecurity • SaaS • Enterprise

Cyberhaven is a company specializing in data security and insider risk management solutions. They offer a comprehensive data detection and response platform designed to detect and stop insider threats and data exfiltration. Cyberhaven's unique approach includes data lineage technology, which traces data from its origin to better understand and classify it, ensuring it remains protected across different platforms and situations. This technology enables businesses to stop the unauthorized flow of important data through various channels such as cloud, web, email, and removable storage. With a focus on cloud data security, insider risk management, and data loss prevention, Cyberhaven's solutions empower companies to safeguard their critical information and accelerate internal investigations.

51 - 200 employees

🔒 Cybersecurity

☁️ SaaS

🏢 Enterprise

💰 $33M Series B on 2021-12

📋 Description

• Perform Security Assessments: Conduct regular security assessments, code reviews, and penetration testing to identify vulnerabilities in applications and software. • Develop / Implement Security Tools: Design, develop, and implement security tools, frameworks, and methodologies to protect applications against security threats. • Collaborate with Development Teams: Work closely with development teams to ensure security best practices are integrated throughout the software development lifecycle (SDLC), including secure coding guidelines. • Threat Modeling and Risk Assessment: Conduct threat modeling and risk assessments to proactively identify potential risks and develop mitigation strategies. • Vulnerability Management: Supporting role to track, analyze, and manage vulnerabilities in applications, providing guidance and support for remediation efforts. • Incident Response Support: Assist in investigating, analyzing, and responding to security incidents related to applications, ensuring timely resolution and documentation of incidents. • Stay Current on Security Trends: Continuously stay updated on the latest security threats, vulnerabilities, and technologies to enhance security measures in applications.

🎯 Requirements

• 5+ years of software development experience, ideally with exposure to information security or AppSec. • Strong grasp of secure coding, threat modeling, and vulnerability management across the SDLC. • Proficient in Go, Python, or Java, and experienced with CI/CD pipelines and GitHub. • Hands-on with security tools and frameworks (SAST, DAST, SCA—e.g., Snyk, Semgrep, OWASP ZAP, Burp). • Understanding of core Information Security capabilities such as: malware, vulnerabilities, exploits, attacks, firewalls, intrusion detection/prevention systems, etc. • SME in at least one of the following: Threat and Vulnerability Management, Incident Response, Threat Hunting/Red Teaming, or Penetration Testing. • Able to interpret and prioritize security data, partnering effectively with developers to remediate issues. • Strong communicator who can influence and collaborate across engineering and security teams.

🏖️ Benefits

• Health insurance • Retirement plans • Paid time off • Flexible work arrangements • Professional development opportunities