ApplicationSecurityEngineer

Who We Are: Sequoia is the strategic partner helping investor-backed companies of all sizes achieve their business goals through smarter people spend. For 24 years, we’ve guided the most innovative employers to navigate growth and get the most out of their global people investment. With our expert advisory team and integrated platform, we help clients drive business impact through their total comp and benefits, improving executive decision making, controlling costs, protecting the business, and elevating the employee experience. Visit Sequoia.com http://Sequoia.com or follow us on LinkedIn https://www.linkedin.com/company/sequoia-tpi/%22%20/t%20%22_blank to learn more. As an Application Security Engineer, you will be providing application security expertise throughout the Software Development LifeCycle (SDLC) as well as being responsible for managing and driving forward the Application Security Analytics practices. A key part of your role will also involve validating and testing web applications in order to ensure applications meet the requirements of the SDLC Policy and industry best practices. In addition, undertaking threat modelling and conducting periodic penetration testing using best of breed tools, a good understanding of the OWASP Top 10 vulnerabilities and maintaining documentation. You'll perform various day-to-day activities related to ensuring the security of Sequoias application environment. These tasks may include conducting application security reviews to identify vulnerabilities in software applications that could be exploited by attackers, performing penetration testing to assess the effectiveness of existing security controls and identify potential weaknesses, providing training and outreach to internal development teams to improve their understanding of security best practices, developing security guidance documentation to help others understand how to implement secure systems and applications, developing security tools to automate or streamline