Job Directory Cornerstone Ondemand Senior Web Application Security Engineer (Santa Monica, CA)
Cornerstone Ondemand

Senior Web Application Security Engineer (Santa Monica, CA) Cornerstone Ondemand
Santa Monica, CA

Cornerstone OnDemand is a company providing comprehensive learning and talent management solutions.

Companies like Cornerstone Ondemand
are looking for tech talent like you.

On Hired, employers apply to you with up-front salaries.
Sign up to start matching for free.

About Cornerstone Ondemand

Job Description

The Senior Web Application Security Engineer position is a hands-on role that involves evaluating and enforcing application security in all phases of the Software Development Life Cycle (SDLC). This position will work closely with our development teams to define the application security standards, perform software architecture and design reviews, conduct white box security testing, and support the identification, interpretation, and remediation of vulnerabilities across a variety of applications, programming languages, and platforms.

In this role you will…

* Participate in architecture and design reviews with senior development/DevOps staffs
* Define and design security code analysis tools and framework
* Conduct white box security testing to assess and validate application security
* Define, maintain and enforce application security standards
* Monitor and track progress of found vulnerabilities and maintain the history
* Explain and demonstrate vulnerabilities to application/system owners, and provide recommendations for mitigation
* Issue reports on assigned application and system scans
* Perform secure code development training to developers, quality assurance personnel and relevant staffs
* Evangelize security across all teams and influence change where needed

You've got what it takes if you have…

* Bachelor's degree in an Information Technology related field of study or equivalent experience
* 5+ years of experience in web or mobile application
* Knowledge of information security principles, web applications and a level of familiarity with malicious code and common techniques used by hackers
* Knowledge of cloud-based infrastructures/software and how they affect security needs.
* Knowledge of AWS architecture, services, and security
* Experience implementing security practices in CI/CD environment
* Knowledge of microservices architectures
* Experience with HTML and JavaScript along with a solid understanding of HTTP protocol
* Basic knowledge of SQL and prior experience with programming in one or more server-side technologies such as ASP.Net. .NET Core experience is a plus.
* Thorough understanding of SDLC and familiarity with software security maturity models, such as Building Security In Maturity Model (BSIMM) or OWASP Software Assurance Maturity Model (SAMM)
* Experience conducting secure code development training is a plus
* Experience using Agile software development and project management. Experience with Scaled Agile Framework (SAFe) is a plus
* Familiarity with common SDLC tools: static and dynamic code analysis, open source management, threat modeling, etc.
* Knowledge of cryptographic tools or security APIs is a plus
* Excellent problem solving and analytical skills; outstanding oral and written communication skills
* Experience coordinating penetration testing activities is a plus
* Experience interacting with security vendors and customers
* Self-motivation and the ability to work under minimal supervision
* Excellent at multitasking, and open to constant learning
* Energetic and positive attitude

About Cornerstone Ondemand

Cornerstone OnDemand is a company providing comprehensive learning and talent management solutions.

5000 employees
Cornerstone Ondemand

1601 cloverfield boulevard, suite 600s

Let your dream job find you.

Sign up to start matching with top companies. It’s fast and free.