Application Security Engineer
Description:
Job Description
Description:
About Virtru:
Virtru is a leading data protection provider backed by some of the foremost venture capital firms in Silicon Valley and the Mid-Atlantic region, including Iconiq Capital, Bessemer Venture Partners, Foundry Capital, and Tiger Global. Today, more than ever, data demands respect, and that’s why Virtru is committed to changing the rules for data privacy. At Virtru, we equip our customers to take granular control of their data—everywhere it’s shared—through end-to-end encryption for Google, Microsoft, and other data sharing platforms. Our market-leading portfolio of data encryption and privacy enhancing applications are remarkably easy to use, fast to implement, affordable for all, and built on the Trusted Data Format (TDF) open standard.
At Virtru, our motto is "Respect the people. Respect the data." Respecting data to us means keeping it secure and protected at all times across its entire lifecycle. We firmly believe that when you respect data, you’re demonstrating respect for the people who own that data.
Working at Virtru, you'll be inspired by colleagues who are passionate about the work they do. We are dedicated to creating an atmosphere that sparks creativity, connection, and professional growth while empowering each other to do our best work. We're building something special at Virtru. We hope you consider joining our team and helping us create a brighter future for data privacy.
Responsibilities:
Security Engineering
Collaborate with development teams, Site Reliability Engineering, and other stakeholders to drive the adoption of security best practices throughout the SDLC.
Independently identify security improvements and implement them.
Security Assessments
Conduct threat modeling, code audits, design reviews with engineers to ensure effective and secure development.
Provide actionable recommendations based on assessment findings.
Security Tools Integration and Management:
Integrate and manage dynamic/static code analysis tools during build time and runtime.
Ensure operation of security tools within the development pipeline.
Vulnerability Management:
Implement, manage, and automate vulnerability management processes.
Prioritize and remediate vulnerabilities discovered through internal scans, penetration tests, and bug bounties.
Threat Hunting:
Establish a threat hunting capability and automate where appropriate.
Enhance logging capabilities related to security events.Requirements:
4+ years experience in secure development or application security.
Deep knowledge of security concepts such as authentication, web architecture, etc.
Experience with Nodejs, Go, etc.
Experience running bug-bounty, penetration testing, vulnerability scanning programs.
Experience setting up and maintaining SAST, DAST, IAST and SCA tooling
Experience using assessment tools such as Burp, ZAP, Qualys, Nessus, etc.
Experience building and maintaining WAF solutions.
Familiarity with industry security practices, standards, and regulations such as FedRAMP, SOC2, HIPAA, etc. a plus.
Familiarity with GCP/AWS and Kubernetes infrastructure security a plus.
Self-motivated and goal driven, able to find what needs to be done and do it.
Virtruvian qualities that will set you up for success:
Thinking outside of the box to respectfully challenge your teammates and managers in the pursuit of excellence
Strong sense of urgency with an action-oriented mindset
Able to collaborate and adapt to shifting priorities as business needs evolve
Comfortable with asynchronous communication including slack, email, zoom, etc.
Perks & Benefits:
At Virtru, we believe people do their best work when their wellbeing is put first. This is why we make your wellbeing our priority with a thoughtful and holistic program that encompasses Occupational, Mental, Social, Physical, and Environmental Wellness by offering benefits such as…
A Remote-First Approach — Virtru is committed to being forever flexible when it comes to where, how, and when you get your work done. You have the option to work from home if that suits you best, or work from our DC Headquarters if you prefer being in person!
A Flexible PTO policy — we strongly encourage you to take a minimum of 25 days off annually (in addition to 12 federal holidays) to ensure that you are getting the proper time needed to unplug and recharge.
A $1,500 annual Learning & Development Stipend focused on providing you the resources to continually learn and professionally grow.
A $250 Work-From-Home Stipend to help make your office space more comfortable and productive.
Internal mobility options for those interested in exploring their skills in other areas of the business
Frequent company-sponsored Team Celebrations that provide ample opportunities to connect with teammates and be social!
Access to an Employee Assistance Program.
Access to Headspace, a mental health app tailored to your specific needs.
A high degree of flexibility — Have an appointment, errand, or family emergency to take care of? Hop to it! We give you the time and space to take care of you and your own first.
In addition to wellbeing, Virtru places a strong emphasis on diversity, equity, inclusion, and belonging. Our DE&I Council is dedicated to fostering an inclusive workplace and making the psychological safety of each and every one of our teammates a top priority. The Council also hosts a range of events throughout the year focused on the continual education of our teammates on social justice issues, current events, and marginalized cultures and communities.
Additional perks include:
Competitive compensation
Generous parental, medical, and bereavement policies
Uncapped commissions for Sales roles
401K and stock options
Full medical, dental, and vision benefits
Annual Winter Hackathons and Summer “InnoVation Weeks” (in-person optional)
New Hire Swag and IT Welcome boxes
Structured semi-annual 360 ree; performance reviews
Transparency is at the core of how we operate and everything we do!
Virtru is currently operating in a remote-first capacity; however, there are plenty of opportunities to connect with the team in person throughout the year, both in and out of the office, whether they be team-specific or company-wide celebrations and events.
Virtru is committed to building an inclusive environment for people of all backgrounds and everyone is encouraged to apply. Virtru is an Equal Opportunity Employer and does not discriminate on the basis of race, color, gender, sexual orientation, gender identity or expression, religion, disability, national origin, protected veteran status, age, or any other status protected by applicable national, federal, state, or local law.