This job post is closed and the position is probably filled. Please do not apply. Work for Guild Education and want to re-open this job? Use the edit link in the email when you posted the job!
๐ค Closed by robot after apply link errored w/ code 404 11 months ago
\nRole Description:\n\nYou will be a leader within our application security team. The goal of Guild Educationโs application security program is to ensure that software engineering teams across the company are enabled to securely design, build, test, and maintain the applications that power our business. Our guiding principle is to pave roads and enable our engineers to deliver secure software with minimal friction, supporting their work across the entire Secure Development Lifecycle (SDL). We take a customer-service oriented approach to support, coach, and empower our engineers to do the right things without friction or slowing them down.\n\n \n\nResponsibilities:\n\n\nDevelop and lead threat modeling training, workshops, and collaborative sessions for a wide array of cloud-based products and services. Champion threat modeling practices within the development teams, promoting best industry practices.\n\nCollaborate with product and engineering on architecting resilient, security-first services\n\nBuild and deliver educational content to our engineers including hands-on training courses\n\nInterpret findings from application security tools and provide coaching in remediation\n\nAssist in the development of secure code libraries\n\nEvaluate and classify findings from SAST, DAST, SCA and externally reported sources\n\nAct as technical liaison between Information Security and application development teams, including guiding teams towards strong application security practices and remediating known risks\n\nDevelop and support integration and automation within security, monitoring, reporting, and ticketing platforms\n\nReview and analyze existing processes and suggest improvements for increased security and efficiency\n\n\n\n\n \n\nRequirements:\n\n\n1-3 years in secure development/application security\n\nProficiency in one or more of modern programming languages\n\nProficiency in scripting\n\nHands-on experience with one or more application security testing tools (SAST, SCA, IAST, DAST)\n\nIntimate knowledge of OWASP Top 10 Vulnerabilities, mitigations, and their impact on application architecture\n\nExperience in web application security and SSDLC practices\n\nProficient in at least one general programming language such as JavaScript, Python, C/C++, Java, Rust, or Go\n\nAn understanding of web applications, web servers, layer 7 application technologies\n\n\n\n\n \n\nPreferred Qualifications:\n\n\nAn understanding of AWS Well Architected Framework and Cloud native application development best practices\n\nExperience with OWASP Application Security Verification Standards (ASVS)\n\n\n\n\n \n\nOther Soft skills:\n\n\nYou are a great communicator who can explain technical issues and risks to a broad, non-technical audience.\n\nYou can work well with engineering, legal, security, devops, product, executives, and others.\n\nYou tailor your communication style, level of detail, and approach based on the audience.\n\nEnjoys working directly with software engineers, including in new languages and tool chains\n\nYou are a strong collaborator and can influence technical teams, and you take them along with you.\n\nYou operate effectively across teams and disciplines even in highly ambiguous situations.\n\nYou have experience building inclusive team cultures\n\n\n\n\n \n\nWe feel passionately about equal pay for equal work, and transparency in compensation is one vehicle to achieve that. Total compensation for this role is market competitive, including a base salary range of $110,000-$130,000 as well as company stock options. \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to InfoSec, Education, Engineer and Cloud jobs that are similar:\n\n
$80,000 — $120,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
\n\n#Location\nDenver, Colorado, United States
# How do you apply?\n\nThis job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.