Our Mission Securing the software that powers your world. At Veracode, we are focused on that mission every day. Veracode is recognized as a premier provider of SaaS-based application security solutions, transforming the way companies secure applications in todays software driven world. We provide our customers with a solid foundation on which to build security into their modern agile development processes.
Veracode is seeking a highly-motivated, detail-oriented individual to join our Information Security team. As a leader in the Application Security community, our customers rely on us to deliver a world-class platform in a highly secure fashion. In this role, you will have the opportunity to help make our infrastructure, products, and customers more secure. The role of Information Security Engineer will include the following responsibilities:
- Participate in response activity to security incidents as a member of the Incident Response Team. Expected to eventually grow into leading these efforts for team.
- Perform log analysis for detecting intrusions and attacks conducted against cloud components using Splunk and other security monitoring software.
- After triaging security incidents, utilizing security event management tools to track incidents and follow up with needed personnel to ensure remediation of all incidents.
- Coordinate application security testing of cloud components and lead remediation efforts.
- Help drive adoption of security tools and best practices specifically within cloud infrastructure.
- Provide defensive recommendations on new threats to systems, applications, and technologies.
- BS (or MS) in Computer Science, Engineering, Information Security, or equivalent industry experience
- Minimum of 5 years of experience in information security or a mixture of related technical fields.
- Solid background in Information Security concepts.
- Comfortable using Splunk for security incident/event identification and vulnerability management tools like Nexpose or other similar solutions (Nessus, Metasploit, etc.).
- Familiarity with either FedRAMP or other regulations/frameworks: NIST, PCI, PII, ISO 27001, etc.
- Experience with LAN/WAN networking and security infrastructure (Firewalls, IDS/IPS, and VPNs).
- System hardening and incident response tools.
- 1 year or more of experience with Cloud platforms such as Amazon Web Services (AWS).
- Any experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security) within IaaS, PaaS, SaaS, and other cloud environments.
- Knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms.
- Experience with SOAR platforms (Demisto, Phantom, etc.)
- Experience with deployment orchestration, automation, and security configuration management.
- Familiarity with Cloud Management tools such as Dome9 and Threatstack.
- Exposure to FedRAMP and NIST 800-53 control implementation.
- Practical security certifications a plus (GIAC, CEH, AWS, etc.).
The Veracode Way:
We Have a Passion and Commitment for Security
We consider security in everything we do. We act to preserve the trust our customers place in us.
We Help Our Customers Change the World
We deliver peace of mind to our customers so they can focus on the pursuit of their missions.
We Have Big Goals and Expect Big Outcomes
We are results driven. We take risks, compete boldly, and deliver valuable outcomes to our customers.
We Are Committed to Making Progress Together
We collaborate with each other, our user communities, our industry and together lead the world forward.
We Value Each Other
We value diversity. We have empathy for each other and assume positive intent.
We Are Proud to be Veracode
We have fun together. We honor who we are and work hard to achieve our potential.
More About Working at Veracode:
Veracode, is a leader in helping organizations secure the software that powers their world. Veracodes SaaS platform and integrated solutions help security teams and software developers find and fix security-related defects at all points in the software development lifecycle, before they can be exploited by hackers. Our complete set of offerings help customers reduce the risk of data breaches, increase the speed of secure software delivery, meet compliance requirements, and cost effectively secure their software assets- whether thats software they make, buy or sell.
Veracode serves more than 1,400 customers across a wide range of industries, including nearly one-third of the Fortune 100, three of the top four U.S. commercial banks and more than 20 of Forbes 100 Most Valuable Brands. Learn more at www.veracode.com, on the Veracode blog, on Twitter and in the Veracode Community.
At Veracode youll have the opportunity to eliminate barriers for our customers and earn a competitive compensation and total rewards package all while pushing the boundaries of whats possible by collaborating with a diverse team of global innovators. In short, Veracodes fun, diverse, and fast-paced culture has put us on the map as one of the best employers in Information Technology.
We offer competitive salary, company-sponsored premium Medical/Prescription & Dental Plans, company-paid Holidays, Vacation, Anniversary Service and Sick Days, 401(k) Plan, Education/Training Reimbursement, Charitable Gift Program, Adoption Assistance Program.
We are equal opportunity employers. As such, it is our corporate policy to fill positions with qualified candidates regardless of the candidates race, color, sex, age, religion, ancestry, national origin, citizenship status, marital status, sexual orientation, gender identity, genetic information, disability, pregnancy, military status, veteran status or any other protected group status.