Appfire builds next-generation enterprise collaboration solutions to liberate teams from silos and make work flow. By extending and enhancing what’s possible on platforms like Atlassian, Microsoft, Monday.com, Salesforce and more, Appfire enables companies to increase value from the many platforms they’ve invested in. Appfire empowers today’s knowledge workers to plan and deliver their best work. Appfire’s portfolio of top-selling apps serves more than 20,000 customers – including 55% of the Fortune 500. As a product-led company, Appfire identifies gaps in industries serving knowledge workers and then builds solutions that drive productivity and efficiency.

Appfire continues to grow exponentially, with teams spanning 20+ countries. We are financially strong, profitable since inception, continuously meeting or exceeding revenue targets, and we invest heavily in strengthening the foundation of our organization. Being philanthropic is integral to operating our business, so we donate 1% of employee time, product, profit, and equity as part of our Pledge 1% commitment.

Come join our team!

ob Description

Appfire is seeking a highly skilled Senior Security Engineer to join our Appfire Information Security team. This Senior Security Engineer role will report to our CISO and work within our Security Engineering & Architecture team to handle diverse security engineering and architecture related tasks for our rapidly growing company, including managing risk through a shared vision with Appfire’s business leaders.

While focusing on people, process, systems, and metrics, and keeping up with the latest threats and trends in security, you will be tasked with understanding and resolving a variety of security requirements at Appfire. You will also handle the identification of risks and recommendations for threat mitigation. Activities will include engineering and architecture focused tasks, supporting security reviews and audits, and verification of adherence to security policy (including cloud security policies).  

You will be expected to engage in professional development to maintain continual growth in professional skills and knowledge essential to the position and thrive in a highly collaborative workplace and actively engage in helping create secure software applications. 

Lists (Requirements & Responsibilities)

  • Collaborate with Engineering, IT Operations, and DevOps to design, engineer, and support security within our cloud environments, products, and vendor solutions, while promoting DevSecOps.
  • Perform security assessments and penetration testing (manage and perform) on web applications, mobile clients, etc.
  • Enforce continuous security compliance for our Cloud apps and cloud infrastructure.
  • Review and approve controls needed to protect data and technology assets in compliance with policies, regulation, and legal requirements.
  • Support incident response and security operations.
  • Ensure compliance with and support our vulnerability management program, including SCA, SAST, DAST, penetration testing, and bug bounty programs.
  • Provide expertise in the integration efforts of Appfire acquisitions and alignment to information security standards and policies.
  • Implement and maintain information security systems and services to support the Information Security team.

About You:

  • Degree in Computer Science, Information Security, Engineering, or equivalent experience.
  • 5+ years of experience working in cyber security engineering and/or architecture at a software company.
  • Experience performing security work in a multi-cloud environment is preferred.
  • Experience with at least one vulnerability scanning tool (e.g. Qualys, Rapid7, Wiz, etc.).
  • Experience as a pen tester for web-based applications and familiarity with the OWASP top ten vulnerability categories.
  • Working knowledge of at least one scripting language, Python preferred, and Linux concepts/command line familiarity.
  • Experience with basic SQL and manipulating large data files preferred.
  • An understanding of key cryptography concepts such as symmetric/asymmetric keys, algorithms, and protocols (PKI, GPG, RSA, x509 certificates and TLS/SSL).
  • Knowledge of common information security frameworks such as CIS, NIST, ISO 27001 & SOC 2 a plus.
  • Ability to work effectively within a fast-paced, changing environment with high growth.
  • A self-starter with a demonstrated ability to take initiative, who can proactively identify issues/opportunities and recommend actions.
  • Strategic analysis, creative problem solving, and business judgment are required.
  • Excellent interpersonal and communication skills, including writing skills.

What we offer:

  • Work with an international team and global customers
  • Remote work flexibility
  • An environment where you can thrive, learn and apply new technologies and techniques.
  • Health insurance.
  • An annual sport allowance to help you keep a great work/life balance.
  • An annual budget for training, and event attendance.
  • Incentive Equity Program
  • 25 days of paid holidays
  • Paid training
  • Paid assistance to tech events and conferences.
  • Summer schedule for you to fully enjoy the sun!
  • Team building activities.

#LI-Remote

Apply for this Job

* Required
resume chosen  
(File types: pdf, doc, docx, txt, rtf)
Cancel
cover_letter chosen  
(File types: pdf, doc, docx, txt, rtf)
Cancel
Our system has flagged this application as potentially being associated with bot traffic. Please turn off any VPNs, clear your browser cache and cookies, or try submitting your application in a different browser. If this issue persists, please reach out to our support team via our help center.
Please complete the reCAPTCHA above.