Do you have a passion for application security and working on one of the most important security challenges of current software development? We are looking for a Senior Application Security Engineer with experience developing static analyzers or compilers. As a Senior Application Security Engineer, you will work collaboratively with other engineers in the Security Tools engineering team to extend and support an in-house static application security testing tool. We value software engineers with initiative and agency who have a passion to learn, build and deploy production-quality application security software.
Work You’ll Do
As a member of our team you will work with other team members to further develop an in-house static code analysis tool to support new languages and new vulnerabilities, enhance existing analyses and language support. You will work on dataflow algorithms and other static analyzes techniques, design the representation of programming language constructs in an intermediate language, create new checkers to support new types of security vulnerabilities, and expand and refine the capabilities of our existing checkers. You will be collaborating with engineers based in Australia, Canada, and the United States.
Your responsibilities include contributing to the design, implementation, integration and testing of analysis support in the tool for a variety of languages including Objective-C, C/C++, Java, Python, and Go.
What You’ll Bring
• Bachelor’s Degree in Computer Science, Software Engineering or related disciplines
• Experience in program analysis, compilers, or web application security
• 5+ years of programming experience
• Excellent programming skills in C++ and/or Java
• Ability to work as part of a team as well as independently
• Strong analytical skills combined with good communication skills and fluent English
Nice to Have
• Masters or PhD in Computer Science, Software Engineering in a field related to program analysis or application security
• Programming experience in Objective-C, Go, Python, or Javascript
• Understanding of the iOS build process
• Experience with LLVM
• Understanding and appreciation of software application security
• Experience working with geographically distributed teams
What We'll Give You
• Ability to work in a flexible work from home arrangement
• An organization filled with smart, enthusiastic, and supportive colleagues
• A team of very skilled and diverse personnel across the globe
• The resources of a large, global operation while still having the start-up feel of a small team
Who We Are
We are a world-class team of high-caliber security software developers who thrive on new challenges. We are an inclusive and diverse team with a full spectrum of experience distributed globally. We have the resources of a large enterprise and the energy of a start-up, working on advancing the state-of-the-art for developers through SAST and SCA tools. The Security Tools organization has the mission to make application security, at scale, a reality. We are a dedicated team, leveraging each other’s insights and abilities to produce cutting edge solutions for today’s complex codebases. We value people who can use their Program Analysis and/or Data Analytics skills to further develop and enhance our tools, as well as support new language features or vulnerability types. Join us to grow your career and create the future of application security at scale together.
Career Level - IC3