Job Description

Company Overview

Kiteworks ’ mission is to empower organizations to effectively manage risk in every send, share, receive, and save of sensitive content. To this end, we created a platform that delivers content governance, compliance, and protection to customers. The platform unifies, tracks, controls, and secures sensitive content moving within, into, and out of their organization, significantly improving risk management and ensuring regulatory compliance on all sensitive content communication. Kiteworks is carrying its bold vision forward while maintaining strong profitability and growth. This is a perfect time to join the company as it moved into a high growth phase and there are many opportunities to make a meaningful contribution to its future.

The Role

We are looking for a highly driven, talented, and self-motivated Application Security Engineer to be part of our growing application security team. You will be part of a team that is up to date on emerging security vulnerabilities and threats, and works toward improving the security of our products and our CI/CD environment and process.

Job Requirements

Requirements

• Bachelor’s or master’s degree in computer science or computer engineering, ideally with a specialization in cybersecurity.

• 3+ years of application security-related work experience.

• An analytical mind with outstanding problem-solving skills and strong attention to detail.

• Experience running and interpreting results from SAST and DAST tools

• Experience with Linux system hardening, implementing CIS security standards.

• Experience with PHP and Python.

• Experience with blue team tasks, such as DFIR and security hardening.

• Experience with AWS and Azure is a plus.

• Security-related certifications, such as SANS, are a plus.

• Excellent written and oral communication skills.

• Excellent interpersonal skills and the ability to articulate to both technical and non-technical audiences.

• Passion for Kitework’s space and mission.

Job Responsibilities

Key Responsibilities

• Perform threat modelling using STRIDE on the product before each release.

• Consult in design and security review s of all new features developed.

• Conduct product code reviews

• Conduct white box security scans; harden systems and the application platform.

• Document security fixes and assist customer support with security advisories.

• Maintain documentation and file CVEs.

• Verify and recommend fixes for security issues.

• Analyze reported vulnerabilities; perform impact analysis and risk determination using CVSS vulnerability rating methods.

Job Benefits

Benefits

• Hybrid working environment with flexible working hours
• You’ll be rewarded with a competitive compensation package including stock options
• Annual wellness benefit for gym memberships etc.
• Monthly company lunches