Senior Application Security Engineer

Company Description

Illumio, recently named to the CNBC Disruptor 50 list, stops cyber threats by controlling the lateral movement of unauthorized communications through its breakthrough adaptive segmentation technology. The company’s Adaptive Security PlatformTM visualizes application traffic and delivers continuous, scalable, and dynamic policy and enforcement to every bare-metal server, VM, container, and VDI within data centers and public clouds. Using Illumio, enterprises such as Morgan Stanley, Workday, JPMorgan Chase & Co., Plantronics, Salesforce, King Entertainment, NetSuite, Oak Hill Advisors, and Creative Artists Agency have achieved secure application and cloud migration, environmental segmentation, compliance and high-value application protection from breaches and threats with no changes to applications or infrastructure. For more information, visit www.illumio.com or follow us @Illumio.

Job Description

You’ve got the passion. You’ve got the AppSec skills. Now you just need the right opportunity. If you can quote CWE’s & CVE’s in your sleep, if your passion is finding and fixing application vulnerabilities, if you enjoy evangelizing application security principles and processes every day and twice on Sundays … then we would like to have you on our team. Come join us in revolutionizing security for the enterprise in the cloud era. At Illumio, you’ll have the chance to join a team of smart and talented people who are on a mission to change the world with Adaptive Segmentation and Security -- in the Cloud, in the Data Center, and beyond.

THE WORK:

The Sr. Application Security Engineer is a key member of Illumio’s security team reporting in to the office of the CTO. In this role, you will work closely with Illumio engineering and other application teams to assess the application threat landscape, build security into the SDLC and perform ethical hacking. You will:

  • Be an Application Security driver and evangelist inside Illumio
  • Help application teams implement secure SDLC practices
  • Run threat modeling for cloud and enterprise application scenarios
  • Guide application development teams in secure coding best practices
  • Automate and Integrate security into agile development processes and CI/CD pipelines
  • Assess applications for security vulnerabilities using various tools
  • Coordinate 3rd party application assessors and pen-testers
  • Help with application security incident response

Qualifications

MUST HAVES:

  • 3+ years experience in an active Application Security role
  • 3+ years experience working with teams on multi-tiered, complex web applications (java, ruby, python, C++, etc.)
  • Minimum 3-7 years experience in an information security or related role
  • Ethical hacking / application pen-testing experience
  • Secure SDLC experience
  • Strong analytical skills and learning agility
  • Strong interpersonal and communication skills

NICE TO HAVES:

  • Application security experience with Ruby a strong plus
  • Application security experience with Windows and Linux binaries a strong plus
  • Application development or testing background
  • Previous startup experience
  • CISSP and/or other security certifications are a plus
  • BS or MS in Computer science or related

Additional Information

All your information will be kept confidential according to EEO guidelines.


Meet Some of Illumio's Employees

Andrew R.

CEO & Founder

As chief executive officer and founder, Andrew is responsible for the overall strategy, vision, and funding of Illumio.

Joy S.

Member of Technical Staff

As a team lead, Joy drives the visualization section of Illumio’s projects forward through team direction and solving hard problems for customers.


Back to top