Senior Application Security Engineer
Description For Senior Application Security Engineer
Ivalua, a leading global provider of cloud-based procurement solutions founded in 2000, is seeking a Senior Application Security Engineer to join their InfoSec team in Pittsburgh. This role is crucial in securing Ivalua's SaaS application product and corporate internet-facing applications. The position offers a competitive salary range of $150,000-$170,000 with additional benefits and annual bonus potential.
The ideal candidate will have 5+ years of hands-on experience in web application penetration testing and a strong background in security integration within the SDLC process. You'll be responsible for enhancing security scanning configurations, performing manual security testing, and acting as a subject matter expert for application security.
Working in a hybrid model (3 days in office), you'll join a dynamic team focused on building and maintaining a robust Information Security program. The role combines technical expertise with collaborative teamwork, requiring both strong security skills and excellent communication abilities.
The position offers comprehensive benefits including medical, dental, and vision insurance, 401k with company match, and various perks such as weekly lunches and regular social events. Ivalua has been recognized by Comparably for its company culture, diversity, and engineering teams.
This is an excellent opportunity for a security professional looking to make a significant impact in a growing, stable company that values innovation, collaboration, and professional growth. The role requires U.S. Person status due to export control requirements and offers a balance of technical challenges and leadership opportunities in application security.
Responsibilities For Senior Application Security Engineer
- Perform manual web application penetration testing on Ivalua SaaS application and corporate web applications
- Enhance/Optimize application security tooling scanning configurations
- Write and maintain in-house automated security testing scripts
- Act as main POC for analyzing technical audits findings from US customers
- Support implementation of security best practices in development lifecycle
- Analyze, report, track and retest security vulnerabilities
- Develop and maintain developer security training program
- Act as SME on application security
Requirements For Senior Application Security Engineer
- 5+ years hands-on experience in performing penetration testing on web applications and web services
- Proven practical experience in integrating security as part of SDLC
- Highly proficient in scripting, client-side programming and query languages (Python, JavaScript, SQL)
- Experience with industry-recognized application security tools (BurpSuite, SQLMap, Invicti, Checkmarx etc.)
- Offensive Security qualification or similar preferred
- Excellent interpersonal, communication and organizational skills
- Team player with ability to interface effectively
- High degree of initiative and ability to work with limited supervision
- Must qualify as a U.S. Person under U.S. export control laws
Benefits For Senior Application Security Engineer
- Medical Insurance
- Dental Insurance
- Vision Insurance
- 401k with company match
- Hybrid work model
- Weekly lunches
- Snacks
- Career development program
- Regular social events
Jobs Related To Ivalua Senior Application Security Engineer
