Security Engineer – Application Security

Security Minneapolis, Minnesota

As a leading provider of global information security solutions, Code42 secures the ideas of more than 50,000 organizations worldwide, including the most recognized brands in business and education. Because Code42 collects and indexes every version of every file, the company offers security, legal and IT teams total visibility and recovery of data wherever it lives and moves. Founded in 2001, the company is headquartered in Minneapolis, Minnesota, with offices in London, Munich, San Francisco, Denver and Washington, D.C. We are proud to be funded by Accel Partners, JMI Equity, NEA and Split Rock Partners. 

Code42 is committed to providing all employees with engaging and challenging work, opportunity for growth, an equal voice to drive innovation, and an environment that cultivates authenticity. In return, we look for people who are inquisitive, enjoy solving complex problems, collaborate effectively, think creatively and provide diverse insights to help us all think better and differently. Come join us and #BeCode42

WHAT YOU’LL BE DOING:

We’re evolving security to operate at the speed of DevOps. Our Application Security Team provides streamlined security services that enable our development teams to build secure products faster, with a focus on security operations, security automation, and security consulting. We win when our product development teams have the context, resources, and tools needed to build, deploy, and maintain secure code autonomously.

 

You will bring your curiosity and leverage your technical expertise to identify and deliver high impact security solutions that scale across our infrastructure. You will help define and oversee our automated security testing, assist in the management and resolution of product vulnerabilities, develop security resources that provide greater real-time visibility to product, and provide practical, risk-based security expertise when consulting on new projects.

 

YOU’LL BE RESPONSIBLE FOR

  • Understanding security best practices and company security policy to provide actionable guidance for our product development teams
  • Partnering with our Site Reliability Engineering team to ensure security is sensibly applied across our operating environments
  • Identifying potential gaps and opportunities in existing security controls
  • Researching and designing automated security risk mitigation technologies for our cloud environments
  • Architecting and deploying secure cloud services cross-functionally in a DevOps environment, using both physical and virtual solutions
  • Integrating new environments/security tools into existing infrastructure
  • Ensuring tools used to support secure development are monitored for availability and performance
  • Other software engineering and operational application security responsibilities, as required

 SKILLS AND REQUIREMENTS: 

  • 4 year college degree preferably in a technical field AND 1-3 years of professional experience OR a combination of training and relevant work experience
  • The ability to challenge assumptions and consider new ways to solve old problems
  • Experience with delivering secure solutions via cloud services, such as AWS and Azure
  • The ability to effectively communicate and collaborate with cross-functional teams
  • Proficiency in at least one programming language
  • Solid understanding of software engineering and secure development principles
  • A desire to automate all the mundane and repetitive tasks

Preferred: 

  • Experience working with HashiCorp Terraform and/or Cloud Custodian
  • Experience using common IAM, logging, monitoring, configuration and system management technologies