Application Security Engineer

2U   •  

Brooklyn, NY

Industry: Education

  •  

Not Specified years

Posted 61 days ago

This job is no longer available.

As 2U continues to grow and partner with premier universities, application security has become a significant focus for the Technology group. We are searching for a passionate Application Security Engineer who is interested in working for a fast-paced, dynamic company that’s changing the landscape of higher education. This individual will be part of our growing cybersecurity team in the New York office. Application security engineers in particular bridge the gap between the greater cybersecurity team and the various software development teams at 2U, so it's a cross-disciplinary role. At the get-go, the engineer will be tasked with assisting in the building of 2U’s security infrastructure and processes, and eventually their focus will shift to day-to-day operations and a break/fix/teach cycle.

Responsibilities and Opportunities

  • Designing, testing, and deploying various security solutions for 2U’s internal and external systems
  • Automating the static code analysis (SCA) process to detect security vulnerabilities before code is deployed
  • Contributing to the development of a secure software development lifecycle (SSDLC) and generally promoting secure coding practices within engineering teams
  • Striking a balance between building things and breaking things
  • Providing consultation on information security designs to various departments at 2U
  • Working on improvement of existing tools and developing new tools
  • Hacking into test environments during red team exercises
  • Assisting in the analysis and resolution of security incidents
  • Providing feedback and assessing context for received penetration test reports

Experience and Skills

  • Strong software engineering and security principles — you should have experience with both code and security, and you should be able to explain one to someone who specializes in the other
  • Using scripting languages to automate tasks (Python, shell, or similar)
  • Understanding of modern web application architecture and how to secure it (OWASP)
  • Understanding of networking protocols and operations engineering (specifically Linux)
  • Interest in the never-ending list of newly released vulnerabilities, attacks, and security research
  • Interest in the never-ending list of new software development paradigms and how they relate to security
  • Willingness to learn by tinkering (and let’s be honest, you know how to Google like a pro)
  • Bonus points: participation in bug bounties, possession of security certificates, and knowledge of security standards

General Attributes

  • Excellent communication and collaboration skills (both written and verbal)
  • Ability to work in a dynamic and flexible environment.
  • Customer services focused.
  • When you hear the term “firewall” you don’t think of a wall engulfed in flames
  • You’ve binge-watched Mr. Robot at least once