Application Security Engineer - SCA, SAST, DAST tool expert

This a Full Remote job, the offer is available from: United StatesWhat You'll DoIn this role you will have the opportunity to engage with the best and brightest engineers and architects as they build our future application and service capabilities, while ensuring our current generation solutions continue to deliver the trust and reliability our customers expect. If you want to make a big difference in a fast-moving environment without endless meetings, if you want to set your direction instead of having it set for you, if you want to have all the benefits of startup and an established company, we want to talk to you.Our ideal application security engineer has experience working on a variety of platforms and technologies and is passionate about identifying and managing risks. Security can be complex, so you will be responsible to make it simple, but make its impact significant in our engineering organizations. You will provide guidance, training, and support. You will be able to talk tech and business. You will work hard to find the right solution, not the first solution. You thrive on challenge and you are not afraid to dig in, all while having fun and not getting too serious.• Setting strategic direction for application security within Avalara, including processes, tools, metrics, and reporting• Performing code and design reviews of internal and customer-facing software products and solutions• Providing training, education, awareness, and communication to development and engineering groups• Guiding the Product teams to remediate the vulnerabilities.• Designing, developing, and implementing software development policies, standards, procedures, and technical controls• Managing security tooling infrastructure and configuration• Guide and mentor, the junior Application Security EngineersWhat You'll Need to be SuccessfulQualifications• Bachelor's Degree in Computer Science, Engineering, or related field• 4 - 8 years of experience performing manual code review and threat modeling.• 4 - 8 years of experience with SCA, SAST, DAST application security tools• Deep technical knowledge and experience identifying, triaging, and remediating application vulnerabilities including the OWASP Top 10• Experience working with a variety of development tools, languages, and environments, including Python, Go Lang, Terraform, .NET, Java, PHP, Node.js• Experience working with cloud orchestration technologies like Docker, Kubernetes & IAC• Experience working with a variety of cloud providers including AWS & GCPPreferred Qualification• Experience developing and securing applications in AWS.• Good to have security certifications including CISSP, CSSLP, GIAC & AWS• Knowledge of regulatory and compliance standards including SOC 2, ISO 27001 & GDPR• Hands on experience in a continuous integration/continuous deployment (CI/CD) environmentHow We'll Take Care of YouTotal RewardsIn addition to a great compensation package, paid time off, and paid parental leave, many Avalara employees are eligible for bonuses.Health & WellnessBenefits vary by location but generally include private medical, life, and disability insurance.Inclusive culture and diversityAvalara strongly supports diversity, equity, and inclusion, and is committed to integrating them into our business practices and our organizational culture. We also have a total of 8 employee-run resource groups, each with senior leadership and exec sponsorship.Flexible hybrid workingWe support hybrid work and flexible schedules for our employees.Learn more about our benefits by region here: https://careers.avalara.com/About AvalaraWe’re Avalara. We’re defining the relationship between tax and tech.We’ve already built an industry-leading cloud compliance platform, processing nearly 40 billion customer API calls and over 5 million tax returns a year.Last year, we became a billion-dollar business, and our tribe expanded by a cool thousand people - there’s nearly 5,000 of us now. Our growth is real, and we’re not slowing down - not until we’ve achieved our mission - to be part of every transaction in the world.We’re bright, innovative and disruptive, like the orange we love to wear. It captures our quirky spirit and optimistic mindset. It shows off the culture we’ve designed, that empowers our people to win. Ownership and achievement go hand in hand here. We instill passion in our people through the trust we place in them.We’ve been different from day one. Join us, and your career will be too.EEO StatementWe’re an Equal Opportunity Employer. Supporting diversity and inclusion is a cornerstone of our company — we don’t want people to fit into our culture, but to enrich it. All qualified candidates will receive consideration for employment without regard to race, color, creed, religion, age, gender, national orientation, disability, sexual orientation, US Veteran status, or any other factor protected by law. If you require any reasonable adjustments during the recruitment process, please let us know.This offer from "Avalara" has been enriched by Jobgether.com and got a 72% flex score.