Director, Application Security
Unqork is a new way to build enterprise software: it's a purely visual, drag-and-drop no-code platform designed to support the scale, complexity and security that enterprise applications require. Our customers are leaders in insurance, financial services, healthcare and the public sector, and they use Unqork to build custom software faster, with higher quality and at lower costs than code-based approaches. Founded in 2017, Unqork reached unicorn status in 2020, with a valuation of $2B. Unqork has been named one of the Best Startup Employers by Forbes, Best Places to Work by Built In and one of LinkedIn's Top Startups.
Responsibilities:
- You will report to the Chief Information Security Officer.
- You will lead a team responsible for enhancing the client delivery program and processes within Unqork.
- Identify security requirements and regulatory concerns related to the technical architecture and application that is built on Unqork.
- You will provide guidance and recommendations to our teams on how to securely configure applications on the Unqork Platform.
- Develop security best practices for the Unqork Platform.
- You will perform and coordinate Dynamic Analysis Security Testing (DAST) and Manual Penetration Tests against applications built on Unqork.
- Perform application security threat modeling.
- You will evolve the secure client delivery program and processes.
Qualifications:
- 3 or more years of experience managing security architecture reviews and running DAST scans.
- 3 or more years of experience managing and performing Web Application Penetration tests.
- Experience communicating business and technical risks to partners.
- Work with teams across the organization to ensure Unqork applications are built with secure architectural design principles.
- Have a level of technical curiosity within the areas of security and risk management.
- Understand Secure SDLC Best Practices.
- Working knowledge of web application development and the OWASP Top 10.
- Understand the difference between AuthN and AuthZ.
- Working knowledge of data security and data privacy regulations about financial, health and international data.
Unqork is an equal opportunity employer, and proud to be committed to diversity and inclusiveness. We will consider all qualified applicants without regard to race, color, nationality, gender, gender identity or expression, sexual orientation, religion, disability or age.