Application Security Engineer

Product Development · Remote, District of Columbia
Department Product Development
Employment Type Full time
Minimum Experience Experienced

Who we are:

Tasktop is transforming how the world’s largest organizations manage the process of building software. Our Value Stream Management (VSM) platform has enabled our Fortune 500 customers to dramatically reduce their time to market and increase the velocity of software development. Sitting above the entire software development toolchain, Tasktop’s VSM platform integrates all popular software development tools - like Jira, ServiceNow, Azure DevOps and many more - and allows organizations to see where work is getting stuck and how they can improve. The company has been recognized by industry analysts such as Forrester and Gigaom as the leader in this new category of tools. 


Founded in Vancouver, Canada, Tasktop is a global company with staff across North America, Europe and Australia. We have an energetic vibe, where we value work/life balance and creating an organization of diverse individuals that learn from each other. Recently named Built-In Austin’s Best Midsize Place to Work For, Tasktop provides the space to do the best work of your life.


Why Tasktop:

Diversity and caring for each other are two of Tasktop’s key values and at Tasktop, we have built a community of mutual respect and trust. We believe that diverse teams perform better and foster an environment of belonging and inclusion. We aim to continually learn, evolve, and be better versions of ourselves.


The opportunity:


Application Security Engineer


Tasktop is looking for an Application Security Engineer that will be instrumental in ensuring our products are designed and implemented to the highest security standards. This Security professional will work with engineers, and across the code base to discover and address security issues. 


Responsibilities:

  • Providing subject matter expertise in architecture, authentication, and application security. Understanding our full engineering stack, services, and data flow, and owning their security controls.
  • Helping to design and implement security and availability of endpoints, cloud applications, and supporting services.
  • Automating security controls to reduce Tasktop’s attack surface, and proactively seek the latest security trends, techniques, related tools and security vulnerabilities.
  • Providing recommendations to correct deficiencies and deliver improvements to help optimize the high availability, redundancy and security of our production infrastructure.
  • Maintaining information security practices, to ensure all systems and services are meeting service level agreements.
  • Working with both internal and external groups to ensure systems are securely integrated, configured, managed and supported.
  • Documenting and delivering security training and awareness-raising initiatives. 
  • Performing regular security reviews.
  • Helping to design and implement security testing throughout Tasktop’s product lifecycle.

Who you are:

  • Experience securing Angular and React based single page web applications and microservices architectures.
  • Experienced in securing infrastructure and applications in any public cloud-based providers such as Amazon Web Services, Microsoft Azure, or Google Cloud Platform.
  • Experienced in implementing security controls for information security compliance programs such as GDPR, CIS, SOC 2, CCPA, PCI, SOX etc. 
  • Thorough understanding of authentication, authorization, and directory services such as SSO, OAuth, or OpenID.
  • Experience covering a combination of the following: 
    • Threat Modeling 
    • Identity Management
    • Software Development
    • Cryptography 
    • System Administration and Network Security
  • Experienced with automating security in deployment pipelines, performing security assessments, and ability to identify pitfalls with manual and automated penetration tests.
  • Experienced with cybersecurity software and penetration testing tools (such as SolarWinds, Wireshark, Metasploit, Kali Linux, John the Ripper).
  • Certifications, such as OSCP, SANS, and AWS architecture and security certifications, is a plus.
  • Understanding of network and web related protocols (such as, TCP/IP, HTTP, HTTPS/TLS).
  • Experienced with multiple programming languages (such as, Java, Scala, Python, Go, etc.).
  • Excellent written and verbal communication skills.


What gives you an edge:

  • Inquisitive with a track record of remediating and resolving potential security threats.


As a Tasktop employee you will enjoy flexibility, a health and wellness allowance, volunteer programs, a generous vacation offering, happy hours, and plenty more benefits!

Do you want to join the movement?? We would love to hear from you. Apply within! 

 

 

 


Thank You

Your application was submitted successfully.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

  • Location
    Remote, District of Columbia
  • Department
    Product Development
  • Employment Type
    Full time
  • Minimum Experience
    Experienced