Reltio is looking for a Senior Application Security Engineer to build and integrate security practices across our development and release processes. You will work closely with cross-functional teams to ensure security is foundational to our software design, development, and deployment, promoting shift-left methodologies.
What You'll Do
- Collaborate with development teams to integrate security practices throughout the software development lifecycle (SDLC).
- Implement secure coding standards and best practices across development teams.
- Support implementation of security controls within CI/CD pipelines for automated security testing.
- Work with release management teams to ensure secure deployment checks and compliance.
- Support shift-left development by providing guidance and remediation support to engineers.
- Develop and maintain security tools and frameworks that support developers.
- Conduct threat modeling sessions with teams to identify security risks early in design.
- Analyze and support remediation of security vulnerabilities in applications.
- Assist development teams in writing code fixes for vulnerabilities.
- Deliver content on secure coding practices, application security threats, and remediation techniques.
- Guide developers on secure coding techniques and provide hands-on guidance during code reviews.
- Partner with DevOps, QA, Engineering, Product, and Release Management teams to incorporate security requirements.
- Stay current with emerging security threats and best practices to improve our processes and tooling.
- Evaluate and integrate new security technologies to enhance our application security posture.
What We're Looking For
- 5+ years of experience in application security or software development.
- At least 2 years in a cloud-native or SaaS company.
- Hands-on experience with secure coding practices and application development.
- Understanding of cloud well-architected frameworks, application development, and deployment workflows.
- Experience with release management processes and integrating security into deployment workflows.
- Passion for improving quality processes through shift-left, automation, and tools.
- Self-starter who likes taking on challenges.
- Superior communication skills to interact clearly with peers, customers, and leadership.
- Knowledge and expertise in essential web technologies like Java Spring Boot, Java, JavaScript, Node.js, C#, UI frameworks (e.g., Backbone.js, Vue.js, React, Angular), microservices, cloud technologies, serverless, and emerging tech.
- Hands-on experience in developing secure applications using these technologies.
- Proficient in secure coding standards and best practices, with hands-on implementation experience.
- Experience leading secure code reviews and guiding developers on secure coding.
- Strong understanding of application security vulnerabilities (e.g., OWASP Top Ten) and prevention.
- Experience with some combination of the top 3 IaaS vendors (AWS, GCP, and Azure).
- Experience with securing container ecosystems and Kubernetes orchestration.
- Experience with Jenkins, ArgoCD, or other continuous integration software.
- Experience operationalizing static analysis, software composition analysis, and dynamic analysis testing tools in the development pipeline.
Technical Stack
- Languages & Frameworks: Java Spring Boot, Java, JavaScript, Node.js, C#, Backbone.js, Vue.js, React, Angular
- Cloud & Infrastructure: AWS, GCP, Azure, Kubernetes
- CI/CD: Jenkins, ArgoCD
Work Mode
This is a global position.
Reltio is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.
