Security Application Engineer

Job Summary:

As a Security Application Engineer III, you will be responsible for securing our web and mobile applications, identifying vulnerabilities, and implementing robust security measures. You will collaborate with development, operations, and product teams to integrate security best practices throughout the software development lifecycle. The ideal candidate has a strong background in application security, a keen eye for detail, and a passion for safeguarding user data.

Key Responsibilities:

• Conduct security assessments and vulnerability testing of web and mobile applications.
• Collaborate with development teams to integrate security best practices and principles throughout the software development lifecycle.
• Identify, analyze, and mitigate security vulnerabilities and threats.
• Develop and implement security tools, processes, and technologies to enhance application security.
• Conduct code reviews and provide guidance to developers on secure coding practices.
• Stay up-to-date with the latest security trends, vulnerabilities, and threats.
• Respond to security incidents and perform root cause analysis.
• Develop and maintain security documentation, including policies, procedures, and guidelines.
• Educate and train staff on security best practices and emerging threats.

Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
• At least 4+ years experience in application security, including web and mobile application security.
• Proficiency in security testing tools and methodologies (e.g., OWASP ZAP, Burp Suite, static and dynamic analysis tools).
• Strong understanding of secure coding practices and principles.
• Experience with common security frameworks and standards (e.g., SOC2, OWASP, NIST, ISO/IEC 27001).
• Knowledge of authentication and authorization protocols (e.g., OAuth, JWT, SAML).
• Familiarity with cloud security best practices (e.g., AWS, Azure, Google Cloud).
• Excellent problem-solving skills and attention to detail.
• Strong communication and collaboration skills.
• Passion for sports and an understanding of the sports industry.

Preferred Qualifications:

• Relevant security certifications (e.g., CISSP, CEH, OSCP).
• Experience with DevSecOps practices and tools.
• Knowledge of network security and endpoint security.
• Experience with incident response and forensic analysis.

Pay Transparency

The approximate base pay range for this position is $105,000 to $115,000. Please note that the pay range provided is a good faith estimate for the position at the time of posting. Individuals may also be eligible for an annual discretionary bonus and/or sales compensation. Actual compensation may vary based on factors including but not limited to job-related knowledge, skills, and experience as well as geographic location.