Senior Application Security Engineer

Sphera is a leading global provider of enterprise software and services that enables companies to manage and optimize their environmental, health, safety and sustainability. Our mission is to create a safer, more sustainable and productive world.

Sphera is a portfolio company of Blackstone, a U.S.-based alternative asset investment company that focuses on private equity, technology and innovation, and more. Blackstone businesses succeed through strong partnerships, a personalized approach and a commitment to exceptional performance with uncompromising integrity. Sphera and Blackstone are leaders in the Environmental, Social and Governance (ESG) space.

We are guided by our core values of Customer Centricity, Accountability, Bias to Action, Innovation, and Collaboration. These values help us recruit the right talent to join our rapidly expanding team of around the globe. It is important to us that each and every Spherion is not only eager to challenge themselves and knows how to get work done but is an awesome addition to our company culture.

Application Security Engineers work closely with development teams, product managers (PM), and third-party groups to ensure that Sphera products are secure.  Reporting to the Director of Information Security, this role will support Sphera cloud and on-prem applications to ensure a wholistic vulnerability management approach.

Responsibilities

• Participate in and support application security reviews and threat modeling, including code review and dynamic testing.
• Own and perform application security vulnerability management.
• Facilitate and support the preparation of security releases.
• Support and consult with product and development teams in application security.
• Assist in creation of security training.
• Assist in development of automated security testing to validate that secure coding best practices are being used.
• Support dynamic and static vulnerability scanning tools
• Support open source software scanning tools

Requirements

• Familiarity with common security libraries, security controls, and common security flaws.
• Basic development or scripting experience and skills.
• Experience with OWASP, static/dynamic analysis, and common security tools.
• A basic understanding of network and web related protocols (such as TCP/IP, UDP, HTTP, HTTPS, protocols).
• Experience working with developers.
• Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.
• Experience identifying security issues through code review.
• Must be able to communicate effectively both verbally and in written form

Experience

• Bachelor’s degree in management information systems, Computer Science, or a related field.
• 7-10 years of experience
• Excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives

Work Hours:

• Remote
• 14.30-23.30 IST

Sphera is proud to be an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all colleagues.

This job description is intended to convey information essential to understanding the scope of the job and the general nature and level of work performed by job holders within this job. This job description is not intended to be an exhaustive list of qualifications, skills, efforts, duties, responsibilities or working conditions associated with the position.