Are you searching for an opportunity to play a key role in driving the dramatic growth of a highly successful software company?
Here at Poppulo the market’s most comprehensive omnichannel employee communications platform with unmatched personalization, measurement capabilities, and class-leading space management solution. And we want you to be part of it.
We serve 6,000+ customers, connecting with and serving content to over 35 million employees in more than 80 countries.
Confidence can sometimes hold us back from applying for a job. But truly, there's no such thing as a 'perfect' candidate. We are a place where everyone can grow. So however you identify and whatever background you bring with you, please apply if you meet the requirements of this role in the broadest sense and if this is a role that would make you excited to come to work every day.
- Manage the application security team to evaluate and analyze the security posture of the organization's SaaS and on-premise software products.
- Oversee application security vulnerability testing and is familiar with application Pen test tools and methodologies.
- Meet or exceed contractual and compliance obligations for application Pen testing and software composition.
- Work closely with Product and Development teams to ensure that vulnerabilities are remediated in a timely manner.
- Collaborate with product and development teams in application security and application architecture.
- Work closely with the Operational security team on end point scanning and attack surface security.
- Ensure that SCA and the resultant SBOM are commensurate with the organization's risk posture and licensing requirements.
- Responsible for ensuring that the Development team receives periodic training on secure development practices.
- Formalizing a bug bounty program for the intake of discovered vulnerabilities.
- Participate in and support application security reviews and threat modeling.
- Performs audits of development to ensure adherence to the SDLC.
- Growing the organization's application and infrastructure security program to address the ever-evolving threat landscape.
Candidate Expertise Required
- 2-3 years managing web application security.
- 2+ years working on security principles in software engineering with expert knowledge in Open Web Application Security Project (OWASP) security principles.
- Working knowledge of software vulnerabilities and CVE ratings.
- Experienced in Network, Web and Mobile technologies and vulnerabilities
- Familiarity with penetration testing tools such as Nessus vulnerability scanners, Burp Suite Pro, Metasploit, Kali Linux.
- Ability to test a variety of projects simultaneously and to learn new tools and security testing methodologies in a team-oriented environment
- Working knowledge of CI/CD pipelines and traditional software deployment methods.
- Working knowledge of AWS and Azure container solutions, including Kubernetes.
- Working knowledge of container lifecycles and container security
- Familiarity with AWS, Azure, and data center technologies.
- Knowledgeable about source code repositories and software composition analysis
- Experience with common security libraries, security controls, and common security flaws.
- Basic development or scripting experience and skills.
- Experience with OWASP, SAST/DAST analysis, and common security tools.
- A basic understanding of network and web related protocols (e.g. TCP/IP, UDP, HTTP, HTTPS, protocols).
- Comfortable working with developers and product managers.
- Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.
- Conduct or procure secure coding training for Software Engineers.
- Facilitate our secure SDLC which includes AVS scanning, SD3+C, and PD3+C methodologies, etc.
- Facilitate security design sessions, documenting and diagramming the proposed design.
- Perform threat modeling using DREAD and STRIDE.
- Review and maintenance of service documentation.
- Develop detailed vulnerability reports for application owners and management teams.
- Conduct detailed penetration test report read-outs with application owners and management teams and provide remediation recommendations.
- Assist with application security standards and policy documentation
- Excellent organizational, analytical, verbal and written communication skills are essential.
- Strong customer service skills.
Compensation range: $120,000 - $140,000 plus variable.
- A “Great Places to Work” listed company – so we really do value people
- Ability to meaningfully impact our business and play a key role in our success
- Flexible PTO and 10 days paid leave.
- Competitive compensation package
- Potential for career advancement in a fast paced growing organization
- Competitive Medical, Dental, and Vision Benefits and Monthly contributions to your Health Savings Account
- 401k with Employer Match
- Fun, flexible working environment
- Maternity, Parental, Adoption and Bereavement Leave. Funding towards adoption costs.
- Life Insurance
Who We Are
We are a values-driven organization that encourages our employees to bring their authentic selves to work every day and empowers everyone to make a tangible impact on our products, clients and culture. We offer a dynamic environment with driven, fun and flexible individuals, who thrive on challenge and responsibility. This is an opportunity to contribute to our culture and join a company that’s on the move.
Named a Great Place to Work in 2015, 2016, 2017, 2018, 2019, 2020 and 2021 , we are one of the fastest growing technology companies in Ireland with additional offices in the US and the UK.
This is an opportunity to contribute to our culture and join a company that’s on the move. We live the Poppulo company values each day and they are key to everything we do.
“Bring Your Best Self”, “See It”, “Own It”, “Solve It”, and “Together We're Better”
Poppulo is an equal opportunity employer.
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided