Note: This role is open to remote workers.
We are looking for a talented and passionate Applications Security Engineer to help us invent, design, and create best-in-class SaaS solutions. This is an amazing opportunity to be part of a greenfield development project in the world’s largest design firm, with both an established and rapidly growing market.
As an Applications Security Engineer, you will apply a security focused mindset to design, develop, test, maintain and document our client-facing applications. You will work with a broad range of new cloud-centric technologies in lockstep with experienced development partners.
If you enjoy working iteratively in small teams, our Scrumban approach to software development will meet the needs of any Agilist. We use a Lean Startup mentality for everything we build, using relentless prioritization to enable faster time to market with a minimal viable product. We use LeSS to scale development across multiple small teams of 3-5 people.
We are looking for a self-motivated developer who is?happiest working in a collaborative environment. This person would seamlessly integrate?and communicate?fluidly with?local, remote and client-facing teams while promoting and establishing secure coding best practices. This dazzling candidate would enjoy the benefits of an established company with start-up energy.
What You Will Do
-Engineer, implement and monitor security measures for the protection of cloud-based infrastructure and client data
-Play a key role in defining secure configuration standards for key technology platforms early in the development lifecycle
-Create detailed business, technology, operational and security requirements
-Participate in and support application security reviews and threat modeling, including code review and dynamic testing
-Research emerging technologies and maintain awareness of current security risks in support of security enhancement and development efforts
-Lead in development of automated security testing to validate that secure coding best practices are being used using tools such as Selenium, OWASP Nettacker and OWASP ZAP
-Help design and implement processes and technology solutions to assess, monitor, audit and enforce compliance with internal and regulatory requirements such as ISO27001, FedRamp, CUI/CMMC, NIST and others
-Collaborate with Gensler's Security Operations team for internal assessment details, third party penetration tests, feedback, lessons learned and documentation of results
-Bachelor’s degree or equivalent work experience in Information Technology, Cyber Security, Management of Information Systems, Computer Science, Informatics, Information Science or similar discipline
-3+ years of experience working in software development, IT, security engineering, application security, enterprise SaaS infrastructure environment, or similar role(s)
-2+ years of experience in software/application security required
-Familiarity with common security libraries, security controls, and common security flaws
-Basic development or scripting experience and skills. C#, Ruby are preferred
-Experience with OWASP, static/dynamic analysis, and common security tools
-Working knowledge of cryptography, both symmetrical (AES) and asymmetrical (RSA/DSA/EC)
-Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner
-Experience identifying security issues through code review
-Security certification such as CASE, CEH or equivalent work experience preferred
Life at Gensler
Gensler has been providing integrated workplace management SaaS solutions to corporate real estate clients for over 20 years. To meet the changing needs of the workplace, we are creating new products using modern technology to enhance the physical workplace experience through digital design. We will unlock the potential of the workplace through machine learning and deep data insights.
At Gensler, we are passionate about enjoying our creative work while delivering best-in-class design. We believe in using technology to make collaborating with your team easy, from wherever you work best. We thrive in our environment where people are empowered to be autonomous, can gain mastery of new skills, and are aligned to a higher purpose of ‘Empowering a human centric workforce through bold and elegantly designed digital solutions.
We encourage every person at Gensler to lead a healthy and balanced life. Our comprehensive benefits include medical, dental, vision, disability, wellness programs, flex spending, paid holidays, and paid time off. We also offer a 401k, profit sharing, employee stock ownership, and twice annual bonus opportunities.
As part of the firm’s commitment to licensure and professional development, Gensler offers reimbursement for certain professional licenses and associated renewals and exam fees. In addition, we reimburse tuition for certain eligible programs or classes. We view our professional development programs as strategic investments in our future.