Security Application Engineer, DAST Scanning (remote US)
Company: RingCentral, Inc
Location: Denver
Posted on: September 2, 2024
Job Description:
The RingCentral environment is dynamic, success-driven, team-oriented
and committed to providing world-class service for its customers
through the security of its products. Do you have the ability to
thrive in a fast-paced but work-life balanced environment? We are
looking for candidates with an entrepreneurial spark! This role
requires US citizenship.

RingCentral is a cloud communications
leader that fosters career development and provides leadership
training, education, workshops, and coaching for all employees. The
RingCentral Application Security team is a part of a larger CISO-led
organization. The area of responsibility of the application
security team includes enablement and support for RingCentral's
Security Development Lifecycle (SDL) program. It includes
development of infosec governance artifacts, i.e., policies,
standards and procedures for secure software development at
RingCentral, security architecture reviews and threat modeling,
developing security requirements, SAST/DAST/SCA testing and
integration of these tools into the build and deploy process,
penetration testing, and managing a bug bounty program.

We are looking
for a Security Application Engineer with a strong understanding of
web and mobile application vulnerabilities, how they can be
detected, exploited and remediated.

Responsibilities:
- Consult developers on questions related to reports of security
scanners, which includes:
  - as needed, explain why an issue should be considered as a
    vulnerability
  - explain circumstances under which an issue might be
    exploitable
  - provide suggestions on how an issue can be remediated using
    internal security controls
- Review and validate issues marked as potential false positives
by developers; request additional clarifications where
required.
- Report breached security defects within company SLAs.
- Review and improve security scanner configurations:
  - review scanning rules in presets, make sure that important
    rules are enabled, and irrelevant rules are disabled
  - make sure security scanners do not miss production
    code/applications, as well as do not scan testing-only
    code/applications
  - where possible and required, adjust scanning rules to improve
    their accuracy
  - collaborate with legal to make sure that license violation
    rules for open-source software are configured
    correctly

Qualifications:
- Extensive experience with web and mobile application setup and
testing for SAST/DAST
- Experience with penetration testing using tools like
Burp Suite
- Technical experience in software architecture, design,
implementation and security code reviews
- U.S. citizenship required
- Experience with open-source software including lifecycle
management, vulnerability management tools
- Experience working with developers to provide guidance on
vulnerability management
- Excellent communication skills, both verbal and written;
ability to condense complicated scenarios into simple, risk-based
assessments, appropriately targeted for colleagues and upper
management
- Outstanding organizational and time management skills, desire
to work within a highly collaborative team

Nice-To-Have:
- WebRTC, Video and audio streaming experience
- Video codecs experience
- B.S. or equivalent in CS or EE

What we offer:
- RingCentral offers all the work/life benefits you could ever
want (and none of the micromanagement).
- Comprehensive medical, dental, vision, disability, life
insurance
- Health Savings Account (HSA), Flexible Spending Account (FSAs)
and Commuter Benefits
- 401K match and ESPP
- Flexible PTO
- Wellness programs including 1:1 wellness coaching through
TaskHuman and meditation guidance through Headspace
- Paid parental leave and new parent gift boxes
- Pet insurance
- Employee Assistance Program (EAP) with counseling sessions
available 24/7
- Rocket Lawyer services that provide legal advice, document
creation and estate planning
- Employee bonus referral program

RingCentral's work culture is
the backbone of our success. And don't just take our word for it:
we are recognized as a Best Place to Work by Glassdoor, the Top
Work Culture by Comparably and hold local BPTW awards in every
major location. Bottom line: We are committed to hiring and
retaining great people because we know you power our success.

About RingCentral

RingCentral, Inc. (NYSE: RNG) is a leading provider of
business cloud communications and contact center solutions based on
its powerful Message Video Phone (MVP) global platform. More
flexible and cost effective than legacy on-premises PBX and video
conferencing systems that it replaces, RingCentral empowers modern
mobile and distributed workforces to communicate, collaborate, and
connect via any mode, any device, and any location. RingCentral is
headquartered in Belmont, California, and has offices around the
world. If you are hired in Colorado or Texas, the compensation
range for this position is between $120,000 and $160,000. If you
are hired in Belmont, the compensation range for this position is
between $140,000 and $180,000. RingCentral is an equal opportunity
employer that truly values diversity. We do not discriminate on the
basis of race, religion, color, national origin, gender, sexual
orientation, age, marital status, veteran status, or disability
status. We are committed to providing reasonable accommodations for
individuals with disabilities during our application and interview
process. If you require such accommodations, please click on the
following link to learn more about how we can assist you.