Company Overview
Kiteworks’ mission is to empower organizations to effectively manage risk in every send, share, receive, and save of sensitive content. To this end, we created a platform that delivers content governance, compliance, and protection to customers. The platform unifies, tracks, controls, and secures sensitive content moving within, into, and out of their organization, significantly improving risk management and ensuring regulatory compliance on all sensitive content communication. Kiteworks is carrying its bold vision forward while maintaining strong profitability and growth. This is a perfect time to join the company as it moved into a high growth phase and there are many opportunities to make a meaningful contribution to its future.
The Role
We are looking for a highly driven, talented, and self-motivated Senior Applications Security Engineer to be part of our growing application security team. You will be part of a team that is up to date on emerging security vulnerabilities and threats, and works toward improving the security of our products and our CI/CD environment and process.
Key Responsibilities:
- Develop automation and security tools to enhance the security posture.
- Research, evaluate, and integrate new security technologies/tools within CI pipelines.
- Perform STRIDE threat modeling before each product release.
- Provide consultation in design and security reviews for new features.
- Conduct product code reviews with a security-focused lens.
- Execute white box security scans and implement system/application hardening measures.
- Document security fixes and support customer service with security advisories.
- Maintain comprehensive documentation and handle CVE filings.
- Analyze reported vulnerabilities, assess risks using CVSS methods, and determine impact.
Job Requirements:
- Bachelor’s or master’s degree in computer science or computer engineering, specializing in cybersecurity.
- at least 2 years of hands-on experience in cybersecurity roles.
- In-depth knowledge of common web application vulnerabilities and mitigation strategies.
- Proven ability to validate and implement security fixes; manage bug bounty reports effectively.
Key Skills and Experiences:
- Demonstrated expertise in integrating security measures into CI/CD pipelines using Jenkins, GitLab, etc.
- Proficiency in executing and interpreting results from SAST and DAST tools.
- Strong background in Linux system hardening and implementing CIS security standards.
- Proficiency in PHP and Python for security-related tasks.
- Hands-on experience with blue team responsibilities like DFIR and security hardening.
- Familiarity with AWS and Azure; additional experience considered advantageous.
- Security certifications (e.g., SANS) are highly valued.
Desired Attributes:
- Exceptional analytical skills coupled with a meticulous problem-solving approach.
- Excellent written and verbal communication skills.
- Proven ability to convey complex technical concepts to diverse audiences.
- Passionate about Kitework’s domain and mission.
Compensation/Perks
You will be rewarded with a competitive compensation package, including excellent benefits and stock options. Other benefits include: medical, dental, and 18-21 days annual leave