Sr. Application Security Engineer

Remote from
Seniority level
Senior
Job function
Software Engineering
Job type
Full Time,
Job posted
Apply before
4 Oct 2023
Industry
Computer Software

About Salesloft

Salesloft helps thousands of the world’s most successful selling teams drive revenue with the Modern Revenue Workspace™

Although we’re proud of our history, we’re even more excited about the future. We want to create a world-class culture and company that attracts, develops, engages and retains elite talent.

At Salesloft, our Application Security Engineer will be pivotal to our company’s success. You will be a key member of our fast-growing and high-performing information security team and will work closely with our product and engineering teams to ensure we deploy a product that is resistant and resilient to cyber attacks.

On a day-to-day basis, you will be responsible for evaluating the security of the Salesloft platform and ensuring remediation of vulnerabilities. Specifically, you will be:

  • Developing and maintaining software application security policies and procedures
  • Providing technical leadership, guidance, and direction to the application development team
  • Developing and maintaining documentation of application security controls
  • Implementing software application security controls
  • Designing technical solutions to address security weaknesses
  • Analyzing system services, spotting issues in code, networks and applications
  • Assist Engineering and Development teams in following security best practices while performing their tasks
  • Assist with threat modeling and security reviews for proposed and existing platform components
  • Perform targeted whitebox and/or blackbox penetration tests to discover gaps in security controls
  • Facilitate external penetration testing activities with third party firms
  • Serve as the primary owner of the Salesloft bug bounty program and perform validation of new findings
  • Consult with architecture teams on the secure development of platform components as well as the development of customer facing security features
  • Analyze application security scans (e.g., SAST, DAST, container image scans, third party dependency scans) to ensure findings are appropriately prioritized to effectively reduce risks
  • Make recommendations for risk mitigation actions to development teams
  • Build or recommend automated methodologies to add efficient security to our CI/CD

In addition to working with amazing colleagues who exemplify our ‘team over self’ core value, you will also have the opportunity to build a world class application security function. You will have an opportunity to make a difference.

WHAT WE’RE LOOKING FOR

We are seeking a seasoned application security professional who is excited about building and leveling up the application security maturity of Salesloft, helping to find and fix application vulnerabilities and mentoring our developers to build security in from the beginning of a development cycle. Specifically, you will play a pivotal role in building Salesloft’s application security program, establishing key processes that help development teams to manage and minimize risk while moving fast.

If you’re looking for an opportunity to learn more, do more, and become more, then joining Salesloft as an Application Security Engineer is the career path for you!

THE TEAM

Our Salesloft’s Information Security team comprises seasoned and up-and-coming Engineers and analysts who are the epitome of our core values: Put Customers First. Team Over Self. Focus on Results. Bias Towards Action. Glass Half Full.

THE SKILL SET

  • Minimum of 5 years of experience in Information Security or closely related fields
  • Minimum of 2 years working with SDLC concepts and processes
  • Ability to learn new technologies quickly
  • Strong knowledge of web application security concepts, common attack techniques, threats and mitigations
  • Familiarity with common programming languages and best practices for security methodologies with those languages
  • Familiarity with Dynamic and Static AppSec testing technologies
  • Ability to work collaboratively with senior management across multiple departments
  • Ability to work effectively in a fast-paced, project-oriented environment
  • Ability to prioritize and execute tasks
  • Ability to handle sensitive and confidential information
  • Ability to handle multiple tasks simultaneously
  • Strong analytical and problem-solving skills
  • Collaborative mentality by prioritizing ‘we’ and not focusing on ‘me’
  • Strong communication skills with both technical and non-technical staff members
  • Relevant industry certifications are desirable

WITHIN ONE MONTH, YOU’LL

  • Attend Salesloft’s New Hire Orientation, where you will learn our Salesloft story and understand what makes our “Lofters” unique
  • Begin 1:1’s with your manager, understand your 30-60-90 plan, meet & shadow current members of the Salesloft infosec and engineering team
  • Learn the day-to-day operational cadence and become familiar with the infosec technology stack
  • Understand the key performance indicators (KPIs) of the SalesLoft security team
    Learn and understand the mission, vision, and values of the SalesLoft security team
  • Review and understand the SalesLoft risk assessment process as well as currently identified organizational security risks

WITHIN THREE MONTHS, YOU’LL

  • Act as a consultant, evaluating the effectiveness of the security program with a fresh set of eyes
  • Learn Salesloft development environment and current security controls
  • Understand key priorities of the Security Program for Salesloft
  • Identify net new measures of success of the security program
  • Understand metrics and goals of the SLDC and appsec security program

 WITHIN SIX MONTHS, YOU’LL

  • Take ownership of key projects and deliverables to enhance the application security program
  • Become a subject matter expert in our existing application security controls
  • Develop new process, policies, and technology to enhance the application security program

WITHIN TWELVE MONTHS, YOU’LL

  • Serve as a technical expert on SalesLoft’s platform application security controls and a point of escalation for identified issues
  • Implement new technologies to increase our application security vulnerability and threat detection capabilities
  • Work with auditors and internal personnel to address application security questions and concerns
  • Implement threat modeling procedures within the engineering and other departments

WHY YOU’LL LOVE SALESLOFT

At Salesloft, we’re not just a company, we’re a community built on shared values.

We put our customers first, prioritize our team over ourselves, focus on results, have a bias toward taking action, and choose to see the glass as half full. These values have been at the heart of our growth in becoming the #1 leader in sales engagement software, and we’re still just getting started.

Salesloft helps sales teams drive more revenue with the only complete Sales Engagement platform available in the market. Salesloft is the one place for sellers and managers to go to execute all their digital selling tasks, communicate with buyers, understand what to do next, forecast with accuracy, and get the coaching and insights they need to win more deals. Thousands of the world’s most successful sales teams, like those at Google, 3M, IBM, Shopify, Square, and Cisco, drive more revenue with Salesloft.

Since our founding in 2011, we have grown into a global, award-winning organization with Lofters based all over the world. As a testament to our organizational health, we have been named by Forbes as one of America’s Best Startup Employers in 2021, Atlanta Business Chronicle’s 2022 Healthiest Employers, three times by Deloitte as a ‘Fastest-Growing Technology Company in North America,’ and have been recognized as a top workplace by Fortune, Glassdoor, Atlanta Journal-Constitution, and Inc Magazine.

In addition to our stand-out organizational health, G2 recently ranked us #1 in Enterprise Sales Engagement and we were named a leader in the 2022 Forrester Wave for Sales Engagement. We received the highest possible score in 26 out of 30 criteria, more than any other vendor evaluated in our category.

Apply now >

Personalised job alerts

Set up personalised e-mail alerts about similar remote jobs

Report jobShare

How to apply

Did you apply? Let us know, and we’ll help you track your application.

See a few more

Similar remote jobs in Software Engineering

Job Search Safety Tips

Here are some tips to help you search and apply for jobs safely:
Watch out for suspicious jobs Don't apply for jobs that offer high pay for little work or offer to hire you without an interview. Read more ›
Check the employer's profile Make sure you're applying for a trustworthy job by visiting the employer's profile and learning more about them. Read more ›
Protect your information Don't share personal details like your bank account or government-issued ID on suspicious websites or messengers. Read more ›
Report jobs that feel unsafe If you see a job that seems misleading, inappropriate or discriminatory, report it for going against our policies and we'll review it.

Share this job

FAQ

What position is Salesloft hiring for?

Salesloft is hiring a remote Sr. Application Security Engineer from

What type of employment does Salesloft offer?

This is a Full Time role.