Software Engineer-II: Application Security
Application Security SREs at Sumo Logic partner with our development teams, Security Operations Center (SOC), to ensure our products are secure and compliant. You will ensure operational excellence, security, and compliance of our entire cloud and technology stack!
What you will do:
- Ensure engineering teams develop secure applications by applying secure coding best practices for cloud applications and creating training and procedural materials
- Perform security reviews and penetration tests - at design and implementation stages - and propose appropriate solutions for any security deficiencies
- Lead teams in threat modeling exercises to pressure test technical designs
- Leverage Sumo’s own product, and other third party tools to build security and “defense in depth” into our product and software development lifecycle.
- Integrate and implement solutions improving Sumo Logic's security posture
- Participate in security research, investigations, platform hardening, and audits
- Drive continual improvement and operational excellence for our security tools.
- Participate in on-call to provide coverage for security and platform components.
What you already have
- B.S. or M.S. Computer Sciences or related discipline
- Passion for Security: You care about the craft of software security, understand the various ways in which a system may be vulnerable, and know how to apply best practices to defend against attackers using industry standards and frameworks.
- Operations Mindset: You understand how to leverage encryption, key management, monitoring, alerting, and automation to secure at scale while ensuring uptime.
- Technical skills:
- 6-8 years of professional experience in applied software security roles
- Strong in OWASP top 10 security vulnerabilities, identifying security flaws in software, scoring the impact, and proposing a solution for developers.
- Experience leveraging cloud security tools as part of software architecture.
- Operational expertise in high scale, reliable 24/7, multi-tenant SaaS
- Strong coding and debugging skills (Scala experience highly beneficial).
- Security certifications, experience in bug bounty/CTFs, reported CVEs, and experience with compliance frameworks and audits are all pluses.
About Us
Sumo Logic, Inc. empowers the people who power modern, digital business. Sumo Logic enables customers to deliver reliable and secure cloud-native applications through its Sumo Logic SaaS Analytics Log Platform, which helps practitioners and developers ensure application reliability, secure and protect against modern security threats, and gain insights into their cloud infrastructures. Customers worldwide rely on Sumo Logic to get powerful real-time analytics and insights across observability and security solutions for their cloud-native applications. For more information, visit www.sumologic.com.
