Search jobs > Fort Worth, TX > Security engineer application

Security Application Engineer

RingCentral
Dallas Fort Worth
Full-time

Say hello to opportunities.

It’s not every day that you consider starting a new career. We’re RingCentral, and we’re happy that someone as talented as you is considering this role.

First, a little about us, we’re a $2 Billion annual revenue company with double digit Annual Recurring Revenue (ARR) and a $93 Billion market opportunity in UCaaS, Contact Center and AI-powered adjacencies.

We invest more than $250 million annually to ensure our AI-enabled technology and platforms meet or exceed the needs of our customers.

RingSense AI is our proprietary AI solution. It’s designed to fit the business needs of our customers, orchestrated to be accurate and precise, and built on the same open platform principles we apply to our core software solutions.

This is where you and your skills come in. We’re currently looking for :

This is where you and your skills come in. We're looking for : Security Application Engineer, DAST Scanning (Belmont CA, Denver CO, Dallas TX)

We are looking for a Security Application Engineer with a strong understanding of web and mobile application vulnerabilities, how they can be detected, exploited and remediated.

Responsibilities :

  • Consult developers on questions related to reports of security scanners*, which includes explaining why an issue should be considered as a vulnerability, explaining circumstances under which an issue might be exploitable, providing suggestions on how an issue can be remediated
  • Review and validate issues marked as potential false positives by developers; request additional clarifications where required.
  • Review and improve security scanners configurations :
  • Review scanning rules in presets, make sure that important rules are enabled and irrelevant rules are disabled
  • Make sure security scanners do not miss production code / applications, as well as do not scan testing-only code / applications
  • Where possible and required, adjust scanning rules to improve their accuracy
  • Collaborate with legal to make sure that license violation rules for open source software are configured correctly
  • Maintain access to security scanners.
  • Report breached security defects SLA.
  • Support risk exceptions process for the following cases :
  • violations of security defects SLA
  • deviations from security policies / standards (for example, releasing with a higher vulnerability level than defined as satisfactory)
  • Triage reports from the bug bounty platform, address them to responsible engineering teams
  • Triage reports from the external attack surface management platform, address them to responsible engineering teams
  • Maintain security scanners deployed in production environment, which includes :
  • deploy new versions
  • Patch security vulnerabilities
  • Make sure security hardening benchmarks are met (such as CIS or STIG)
  • Make sure other requirements for production deployment are met (logging, monitoring, backups, etc.) Note : Security scanners include, but are not limited to static application security testing (SAST), dynamic application security testing (DAST) and software composition analysis (SCA)

Desired Qualifications :

  • Technical experience in product architecture, design, implementation
  • Expertise with product security design, review, implementation including threat modeling and risk assessment implications
  • U.S citizenship required
  • Extensive experience with web and mobile application testing- SAST / DAST, penetration testing
  • Secure design and implementation capabilities
  • Experience with open-source software including lifecycle management, vulnerability management tools
  • Excellent communication skills, both verbal and written; ability to condense complicated scenarios into simple, risk-based assessments, appropriately targeted for colleagues and upper management
  • Outstanding organizational and time management skills, desire to work within a highly collaborative team

Nice-To-Have :

  • Any WebRTC, Video and audio streaming
  • Video codecs
  • B.S. or equivalent in CS or EE

What we offer :

  • RingCentral offers all the work / life benefits you could ever want, (and none of the micromanagement.)
  • Comprehensive medical, dental, vision, disability, life insurance
  • Health Savings Account (HSA), Flexible Spending Account (FSAs) and Commuter Benefits
  • 401K match and ESPP
  • Flexible PTO
  • Wellness programs including1 : 1 wellness coaching through TaskHuman and meditation guidance through Headspace
  • Paid parental leave and new parent gift boxes
  • Pet insurance
  • Employee Assistance Program (EAP) with counseling sessions available 24 / 7
  • Rocket Lawyer services that provide legal advice, document creation and estate planning
  • Employee bonus referral program

The RingCentral Application Security team is a part of a larger CISO team. The area of responsibility of the application security team includes enablement and support for RingCentral’s Security Development Lifecycle (SDL) program.

This includes development of infosec governance artifacts i.e., policies, standards and procedures for secure software development at RingCentral, leading security architecture reviews and threat modeling, developing security requirements, SAST / DAST / SCA testing and integration of these tools into the build and deploy process, penetration testing, managing bug bounty program.

RingCentral’s work culture is the backbone of our success. And don’t just take our word for it : we are recognized as a Best Place to Work by Glassdoor, the Top Work Culture by Comparably and hold local BPTW awards in every major location.

Bottom line : We are committed to hiring and retaining great people because we know you power our success.

30+ days ago
Related jobs
Promoted
VirtualVocations
Fort Worth, Texas

A company is looking for an Application Security Engineer to enhance application security and support development teams. ...

RingCentral
Fort Worth, Texas

Note: Security scanners include, but are not limited to static application security testing (SAST), dynamic application security testing (DAST) and software composition analysis (SCA). We are looking for a Security Application Engineer with a strong understanding of web and mobile application vulner...

Promoted
VirtualVocations
Fort Worth, Texas

A company is looking for a Principal Application Security Engineer to lead application security initiatives and improve cybersecurity across gaming products and services. ...

Connections IT Services LLC
Fort Worth, Texas

The Web Application Security team collaborates with application owners, architects, and developers in order to integrate security tools such as web application firewalls and bot mitigation to protect our client’s websites and mobile apps. This individual is also responsible for collaborating with ap...

Promoted
VirtualVocations
Fort Worth, Texas

A company is looking for a Senior Application Security Engineer to execute its product security strategy. ...

INSPYR Solutions
Fort Worth, Texas

Performs application program interface security assessments and remediation activities as part of the API security program. Application security responsibilities:. Ensures teams are validating for OWASP and performing industry leading application security practices. Bachelor’s degree in Computer Sci...

Connections IT Services LLC
Fort Worth, Texas

Performs application program interface security assessments and remediation activities as part of the API security program. Work with application development personnel and other technical team members to review existing and/or new APIs/web services in support of quality implementations that align wi...

RingCentral
Fort Worth, Texas
Remote

Security Application Engineer, Application Security Team:. We are looking for a Security Application Engineer with a strong understanding of web and mobile application vulnerabilities, how they can be detected, exploited and remediated. The area of responsibility of the application security team inc...

Motion Recruitment
Fort Worth, Texas

Fort Worth, TX company is seeking a Application Security Engineer to join their team for a contract opportunity. Perform application program interface security assessments and remediation activities as part of the API security program. Bachelor’s Degree in Computer Science, Computer Engineering, Tec...

Promoted
Allied Universal
Fort Worth, Texas

Allied Universal, North America's leading security and facility services company, provides rewarding careers that give you a sense of purpose. Allied Universal has security jobs and are seeking to fill the position. ...