Senior Security Engineer
Posted on: June 12, 2021
LogRhythm, a Thoma Bravo company, empowers more than 4,000
customers across the globe to measurably mature their security
operations program. LogRhythm's award-winning NextGen SIEM Platform
delivers comprehensive security analytics; user and entity behavior
analytics (UEBA); network detection and response (NDR); and
security orchestration, automation, and response (SOAR) within a
single, integrated platform for rapid detection, response, and
neutralization of threats. Built by security professionals for
security professionals, LogRhythm enables security professionals at
leading organizations like NASA, XcelEnergy, and Temple University
to promote visibility for their cybersecurity program and reduce
risk to their organization each and every day. LogRhythm is the
only provider to earn the Gartner Peer Insights Customers' Choice
for SIEM designation three years in a row.
Who we are looking for:
LogRhythm is seeking a Senior Application Security Engineer to
assist our team in shipping secure products. This role will have a
significant focus on penetration testing and remediation. You will
help ensure that LogRhythm products adhere to corporate and product
certification requirements, secure LogRhythm's development and
production environments, and protect customer data.
You will perform application security assessments, penetration
testing, threat modeling, and code reviews. You will also deliver
security training for developers, and generally raise developer
awareness of security best practices. You will work
cross-functionally with your peers in the engineering organization.
Here's an overview of the responsibilities & challenges
- Perform manual and automated security assessments (e.g. pen
testing, code reviews, vulnerability scanning, etc.) to drive
measurable security improvements in LogRhythm's products. Review
assessment reports and coordinate with engineering to ensure
findings are remediated.
- Assist in implementing automated DevSecOps practices into
product CI/CD pipelines and cloud environments.
- Be an active participant in advocating for and improving
security throughout the SDLC.
- Provide training and mentorship on secure coding best practices
to engineering team members.
- Consult with development and operations teams to provide
mentorship and recommend secure design patterns.
- Remain ahead of emerging and active threats: leverage pen
testing tools, develop custom offensive and defensive tools, review
and apply the latest security research / threat intelligence.
Required skills, background, and experience:
- Bachelor's degree in Computer Science or related field.
- 5+ years of experience in Application Security.
- Experience with penetration testing web-based SaaS applications
and systems operating out of Cloud infrastructure (AWS, GCP, Azure,
- Experience in secure coding best practices and security code
- Knowledge of application-level attacks and mitigation methods,
with a thorough understanding of OWASP top 10.
- Knowledge of DAST, SAST, 3rd party dependency, and container
image security scanning.
- Understanding of compliance standards and how they impact
software products and cloud operations.
- General security and offensive security assessment
certifications a plus: CISSP, CEH, OSCP, GPEN, etc.
- Contributions to the security community a plus: research
papers, public CVEs, conference talks, open source, etc.
Salary and Other Compensation
- The annual starting salary for this position is between
$120,000-150,000 depending on experience and other qualifications
of the successful candidate.
- LogRhythm offers the following benefits for this position,
subject to applicable eligibility requirements.
- 401k plan
- Flexible time off
- Employee assistance program
- Employees are eligible to receive incentive units
- Created/Revised Date: May 10th, 2021
- Reporting to: Director, Customer Success
- Location: Boulder, Colorado (will consider US remote
- Employment Status: Full Time
- FLSA/Applicable State Law Status: Exempt
Workplace equality & inclusion are not just words or topics for
LogRhythm, they are part of our core values, beliefs, and integral
to our company culture. We hire the best of the best and do not
discriminate based on race, gender, age, religion, sexual
orientation, identity, or other personal factors. LogRhythm was
built on the principles of innovation, dedication, creativity, and
commitment. It is through these key areas we were able to grow as
an equal and inclusive workplace, one where our employees feel
respected and safe.
Disclaimer: The salary, other compensation, and benefits
information is accurate as of the date of this posting. The company
reserves the right to modify this information at any time, subject
to applicable law.