Who we are
What do Slack, Kind and Salesforce have in common? They use Culture Amp every day to make their workplaces better and grow highly engaged employees. They also make up a community of over 3,000 organizations from around the globe who stand together to change the world of work.
We are a remote-friendly organisation with offices in Melbourne, San Francisco, New York, and London, Culture Amp isn’t just for fast-growing startups - we’re for every organization that wants to put culture first. By making it easy to collect, understand, and act on employee feedback, we enable People teams to make better decisions, demonstrate impact, and turn company culture into a competitive edge.
It’s what makes us the world’s leading people and culture platform.
The Opportunity at Culture Amp
We are currently looking for a Lead Application Security Engineer to join our product group where you will work closely with software engineers, product managers and others to help integrate tools into their development environments to create consistent application of security controls across our product. Culture Amp leverages a modern stack including:
- Backend: Ruby, Elixir, Kotlin, Python, Go
- Frontend: TypeScript, React
- Platforms: Docker, AWS, BuildKite, DataDog, Splunk
This role would suit a technical person with the passion and experience to effectively lead, influence and play an instrumental role in secure application development within our product group. If you are team oriented, a customer-driven problem solver with prior experience building secure application development we’d welcome the opportunity to speak with you!
A Day in the Life, The Good, The Bad, The Ambiguous
- Gaining a deep understanding of Culture Amp’s product offerings, and the security and privacy risks unique to each product area
- Supporting product teams on the development of new features, providing advice and helping identify and address risks throughout the software development lifecycle
- Building security into Culture Amp’s SDLC through tooling and automation
- Contributing to the development of features and products to improve security capability
- Championing security across the organisation, creating awareness and understanding of policies and procedures, with particular emphasis on the Product teams.
- Performing code reviews, penetration testing and co-ordinating with external consultants as required
What You Bring To Our Camp
This position requires not only coaching and influencing skills but also the ability to work with multiple stakeholders and inspire change. It requires deep technical expertise and the ability to mentor others in driving objectives to completion.
- Demonstrated expertise in application security
- Experience or strong knowledge of modern software development practices, CI/CD
- Experience exploiting and fixing application vulnerabilities
- Proficient in one or more modern programming languages such as Ruby, Go, Python etc.
- Experience with code analysis tools such as Checkmarks, Fortify, Veracode, etc
- Highly effective communication skills, in both verbal and written forms, to effectively convey technical and non-technical concepts to a wide variety of audiences
- A passion to share knowledge and amplify others
- Ability and desire to coach and mentor others
- Ability to promote positive change in security practices through influence
If you are passionate about next generation secure application development, and thrive in a modern and fast paced environment, then we’d welcome the opportunity to speak with you!
What We Offer
Culture Amp really practices what we preach. We are extremely proud of the Culture we have built, but don't just take our word for it, our Glassdoor reviews speak for themselves!
We want every Camper to feel at home and do their best work at Culture Amp, so we have 4 values that we live by, take a read, and if this sounds like the environment for you, please apply!
We have a strong commitment to Anti-Racism, and we believe in leading through example. Every step we make as a business towards anti-racism is another step we can support our customers in making a better world of work. You can see our current commitments to Anti-Racism here.
But that’s not all!
- Flexible working hours - in this (please don't say unprecedented again!) time, make your work schedule work for you
- 14 weeks parental leave at full pay for primary carers and 4 weeks for secondary carers
- MacBooks for all!
- Shares - it’s important to us that everyone is an owner and can share in our success.
- Fun and inclusive digital, and (in the future) in-person events
Most importantly. An opportunity to really make a difference in people’s lives.
Please keep reading...
Research shows that while men apply to jobs when they meet an average of 60% of the criteria, women and other marginalized folks tend to only apply when they check every box. So if you think you have what it takes, but don't necessarily meet every single point on the job description, please still get in touch. We'd love to have a chat and see if you could be a great fit.