Senior Application Security Engineer
What you will do as an Application Security Engineer:
- Develop, configure and implement tooling to support DevSecOps processes including SAST, DAST, IAST, and SCA, in partnership with DevOps.
- Establish application security standards and guidelines for developers.
- Establish and audit cloud infrastructure security standards.
- Evaluate application architectures for security related concerns.
- Champion and enable security-related activities in the software engineering process (e.g., threat modeling, secure coding practices).
- Assess infrastructure, web and application environments to help identify, and prioritize risks and vulnerabilities.
- Manage vulnerability backlog, partnering with Product and Engineering to ensure issues are addressed in accordance with SLA.
- Perform and/or facilitate external audit of cloud architecture specific to security.
- Perform red team exercises, including internal pen-tests on web applications and infrastructure, and internal social engineering exercises.
Basic Qualifications for Consideration:
- 5+ years of experience in application security ideally from a software or architecture background.
- Strong understanding of SAST, IAST, DAST, and SCA tooling in support of DevSecOps.
- Significant experience with securing cloud architectures preferably in GCP.
- Experience with performing security architecture and design reviews.
- Experience implementing a vulnerability management program.
- Experience with coding/scripting.
- Experience with threat modeling (STRIDE, DREAD, etc.)
- Demonstrable experience building strong working relationships with Product, Engineering, Infosec, and GRC.
- Experience with running or participating in bug bounty programs.
In order to protect our Clover community, Clover requires all newly hired employees in the United States to be fully vaccinated before their start date. Proof of vaccination will be a condition to hiring. Clover complies with all applicable laws regarding the reasonable accommodation of individuals with disabilities and/or sincerely held religious beliefs.