Our Application Security Team is responsible for the overall security of New Relic's customers and their data. We are enablers who partner with our Product organization to help deliver secure products and keep customer and employee data safe.
We strive to be pragmatic while meeting our regulatory needs. We seek to creatively address software security risks in new and novel ways by utilizing technology, automation, relationships, and culture. We work in a continuous deployment, cloud-based environment, and adapt our security efforts to the processes and technologies New Relic uses to deliver innovative and market-leading products.
In addition to our Portland office, we are open to remote candidates who can work West Coast hours from a home office and have >1 year of success working remotely with a distributed team!
What You’ll Do
- Design our security tools and processes to meet the growing demand of our products.
- Meet with software architects and engineering leadership to understand upcoming projects in order to build controls that meet both security and business requirements.
- Analyze our bug bounty program, static and multifaceted application security testing, and custom monitoring tools.
- Mentor and lead our App Sec Engineers.
- Lead high-priority security projects in Identity and Access Management.
- Stay active and contribute to the security community.
- 4 years of software development experience in an agile environment PLUS
- 5 years of experience in application-level vulnerability testing or building software security controls.
- BS/CS or equivalent practical education and experience.
- Expert in detection, exploitation, and mitigation of common web application security vulnerabilities.
- Leadership (people and/or projects) experience in a highly technical environment.
- Contributions to the security community.
- Active development in an open source security project. (Building Open Source Project; Hackathons)
- Technical knowledge of security engineering, computer and network security, authentication, security protocols, and applied cryptography