Application Security Lead
Founded in 2017, Unqork is the industry pioneer enterprise no-code application platform that helps large companies build, deploy, and manage complex applications without writing a single line of code.
Organizations including Liberty Mutual, Goldman Sachs, New York City, and Maimonides Medical Center are using Unqork’s drag-and-drop interface to build enterprise applications faster, with higher quality, and lower costs than conventional approaches.
In October 2020, Unqork Announced $207 Million in Series C Funding, raising company valuation to $2 Billion. To learn more, please visit: https://www.unqork.com.
The Opportunity:
As a Managed Security Services (MSS) Lead, you will be working with our Professional Services team to ensure client deployments of the Unqork platform are architected securely, and in compliance with applicable laws. You will be involved in securing each stage of the client delivery process including:
- Identifying security requirements and regulatory concerns related to the technical architecture and application that is built on Unqork
- Providing guidance and recommendations to internal and external teams on how to securely configure applications on the Unqork Platform
- Developing and maintaining security best practices for the Unqork Platform
- Performing and/or coordinating Dynamic Analysis Security Testing (DAST) and Manual Penetration Tests against applications built on Unqork
- Communicating and educating the role of security in the Unqork Secure Software Development Lifecycle to clients
- Performing application security threat modeling
- Constantly evolving the Managed Security Services process and organization
Who you are:
- You care about serving customers and delivering a secure product
- You have good interpersonal skills, are diligent, and self-motivated
- You are constantly thinking about how to break an application
- You understand the impacts of a vulnerability in relation to the business
- You have an eagerness to learn and excel in a high-paced environment
What we’re looking for:
- 3-5 years experience managing and/or conducting security architecture reviews
- 3-5 years experience managing and/or running DAST Scans
- 3-5 years experience managing and/or performing Web Application Penetration tests
- Experience communicating business and technical risks to key stakeholders
- Ability to collaborate with teams across the organization to ensure Unqork applications are built with secure architectural design principles
- Possess a level of technical curiosity, with a desire to learn new technologies within the areas of security and business risk management
- Have a good understanding of Secure SDLC Best Practices
- Working knowledge of web application development and the OWASP Top 10
- Understand the difference between AuthN and AuthZ
- Working knowledge of cloud technology and infrastructure
- Working knowledge of data security and data privacy regulations pertaining to financial, health and international data
Bonus:
- Prior experience working with no code platforms
- Prior experience as a security consultant
- You are not just a breaker but a builder
- Prior experience with Role Based Access Controls (RBAC)
- Working knowledge of the insurance, banking, and/or health industries;
- Working knowledge of NodeJS, modern front end frameworks (Angular/React) and schema-less databases;
Unqork is an equal opportunity employer, and proud to be committed to diversity and inclusiveness. We will consider all qualified applicants without regard to race, color, nationality, gender, gender identity or expression, sexual orientation, religion, disability or age.