Portfolio Jobs

Search open roles at our #staymagical portfolio companies

Senior Application Security Engineer

Reorg

Reorg

New York, NY, USA
Posted on Tuesday, June 11, 2024

Reorg

Reorg is a leading global provider of credit intelligence, data, and analytics. Since 2013, tens of thousands of professionals across hedge fund, investment banking, management consulting, and law firm verticals have come to rely on Reorg to make better, faster, and more confident decisions in pace with the fast-moving credit markets. For more information, visit: www.reorg.com

Working at Reorg

Reorg hires growth-minded innovators and trailblazers across the globe to drive our business and culture. Our core values – Action Oriented, Customer First Mindset, Effective Team Players, and Driven to Excel – define an organizational ethos that’s as high-performing as it is human. Among other perks, Reorg employees enjoy competitive health benefits, matched 401k and pension plans, PTO, generous parental leave, gym subsidies, educational reimbursements for career development, recognition programs, pet-friendly offices, and much more.

Role

A market leader in credit intelligence, Reorg brings together journalists, financial analysts, legal analysts, technologists, and data scientists to collect and synthesize highly complex information into actionable intelligence. Since 2013, tens of thousands of professionals across hedge funds, investment banks, management consulting, and law firm verticals have come to rely on Reorg to make better, faster, and more confident decisions in pace with the fast-moving credit markets. For more information, visit: www.reorg.com

Working at Reorg

Consistent with our growth, Reorg hires innovators and trailblazers across the globe to drive our business and our incredible corporate culture alike. Our core values – Action Oriented, Customer First Mindset, Effective Team Players, and Driven to Excel – define an organizational ethos that’s as high-performing as it is human. Among other perks, Reorg employees enjoy competitive health benefits, matched 401k and pension plans, Paid time off, generous parental leave, gym subsidies, educational reimbursements for career development, recognition programs, pet-friendly offices, and much more.

Role Overview:

Reorg’s Information Security and Technology Organization is seeking a skilled Senior Application Security Engineer to join the Director of Product Security's team. This critical role involves ensuring the security of our SaaS product through the implementation of secure coding practices, vulnerability assessments, and penetration testing. The ideal candidate will have a strong background in application security, hands-on experience with secure development methodologies, and a passion for identifying and mitigating security risks.

Responsibilities:

  • Secure Development Lifecycle (SDLC) Integration:

    • Integrate security into all phases of the software development lifecycle (SDLC), including design, development, testing, and deployment.
    • Collaborate with development teams to identify and remediate security vulnerabilities in code and applications.
  • Code Review and Analysis:

    • Conduct regular code reviews and static analysis to identify security flaws, coding errors, and potential vulnerabilities.
    • Provide guidance and recommendations to developers on secure coding practices and techniques.
  • Vulnerability Management:

    • Perform dynamic application security testing (DAST) and penetration testing to identify and exploit security weaknesses in web applications.
    • Analyze and prioritize vulnerabilities based on risk and potential impact, and work with development teams to remediate findings.
  • Security Tooling and Automation:

    • Implement and maintain security testing tools and automation frameworks to streamline vulnerability assessment and remediation processes.
    • Develop custom scripts and tools to automate security testing, code scanning, and vulnerability detection.
  • Threat Modeling and Risk Assessment:

    • Conduct threat modeling exercises to identify potential security threats and attack vectors in applications and systems.
    • Collaborate with cross-functional teams to assess security risks, prioritize remediation efforts, and implement risk mitigation strategies.
    • Perform application security testing on critical features to help ensure a strong security posture is maintained on the running applications.
  • Security Awareness and Training:

    • Provide security training and guidance to development teams on secure coding practices, OWASP Top 10 vulnerabilities, and common security pitfalls.
    • Promote a culture of security awareness and accountability across the organization.

Requirements:

  • Bachelor’s or Master’s degree in Computer Science, Information Security, or related field or equivalent experience related to this role.
  • 5+ years of experience in application security, software development, or related roles.
  • Strong knowledge of web application security vulnerabilities, such as SQL injection, cross-site scripting (XSS), and authentication bypass.
  • Hands-on experience with security testing tools and techniques, including static analysis, dynamic analysis, and penetration testing.
  • Proficiency in programming languages such as Java, Python, or JavaScript, with a focus on secure coding practices.
  • Security certifications such as CISSP, CEH, or GWAPT are preferred.

Equal Employment Opportunity

Reorg is committed to providing equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, pregnancy, veteran status, or any other legally protected status. We strive to create an inclusive and diverse work environment where all individuals are valued, respected, and treated fairly. We believe that diversity enriches our workplace and enhances our ability to innovate and succeed.