Application Security Engineer

About Intermedia Are you looking for a company where YOUR VOICE is heard? Where you can MAKEADIFFERENCE? Do you THRIVE in a FAST-PACED work environment? Do you wake every morning EXCITED to work with GREATPEOPLE and create SUCCESSTOGETHER? Then Intermedia is the place for you. Intermedia has established itself as a leading provider of cloud communications and collaboration tech that allows companies to connect better. We have a strong track record of growth, profitability, and creating an environment where everyone matters. Everyone. While we are fast-paced and admittedly a bit intense, we promise that you won’t be bored. You will find Intermedia is a place where you can indulge your passion for creating and supporting great cloud technology. What’s more, we always look to promote from within and have many employees who have been with us 10, 15, and 20+ years! Culture at Intermedia is built on teamwork and transparency. We hold each other accountable and always have each other’s back!Are you ready to make your mark? About the RoleIntermedia has a wide portfolio of internally developed application software, ranging from web and desktop apps to lower level PBX solutions. Due to the growing demand for integrating security activities into diverse development processes, Intermedia is looking for an experienced and self-motivated Application Security Engineer to help us deliver built-in security to our products.As part of the Global Security team, you will support our company wide application security program, helping the company build secure products. You will be the voice of security for all things related to application security to our spectrum of engineering teams, guiding the architecture and execution of our SDLC throughout the enterprise. This position is an individual contributor role, reporting directly to the Manager, Application Security.What you will be doing: Perform design and architecture review of new features, suggest security requirementsCollaborate with DevOps and engineering teams, advising on security features and best practices in SDLCUtilize static security scanning tools, review findings and coordinate remediation actionsPerform ongoing manual security assessmentsReview the results of external penetration tests and communicate suggested fixes to development teamsProvide on-demand support on application security topicsDrive process improvement ideasAssist with vetting and intake of defects from 3rd party security researchers via our Bug Bounty programWhat you will bring to the role: 3 - 5 years of experience in the application security fieldBachelors or Master Degree in related field of expertiseKnowledge of secure coding best practices and industry standards (such as OWASP) and the ability to apply them to different programming languagesFamiliarity with SDLC and DevSecOps concepts and hands-on experience in implementing themKnowledge and/or hands on experience with identifying A.I. threats in a security landscapeExperience in using static and dynamic security scanning tools (such as BurpSuite, ZAP, and Snyk, or other related technologies)Experience with programming languages such as Python is preferredAbility to explain application security threats and mitigation options to both developers and project managersGood communication skills in written and verbal EnglishExperience and/or knowledge in securing applications within cloud platforms (AWS, Azure) and containerized environments (Docker, Kubernetes)Participation in CTF challenges and bug-bounty programsDiversity, Inclusion, and Equal Opportunity We hire, promote, and compensate employees based on their ability to perform their job responsibilities, without regard to race, color, creed, religion, sex, gender, marital status, national origin, ancestry, age, citizenship, physical or mental disability, sexual orientation, or any other basis protected by applicable law (collectively referred to in our Code of Conduct as “Protected Classes”). We do not tolerate employment discrimination in the workplace, and we are committed to making reasonable accommodations for identified disabilities or other limitations as required by all applicable laws. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Originally posted on Himalayas