RingCentral
Security Application Engineer, DAST Scanning (remote US)
RingCentral, Belmont, California, United States, 94002
Security Application Engineer, DAST Scanning (remote US)
RingCentral
is a cloud communications leader that fosters career development and provides leadership training, education, workshops, and coaching for all employees. The RingCentral Application Security team is a part of a larger CISO-led organization. The area of responsibility of the application security team includes enablement and support for RingCentral’s Security Development Lifecycle (SDL) program.The RingCentral environment is dynamic, success-driven, team-oriented, and committed to providing world-class service for its customers through the security of its products. Do you have the ability to thrive in a fast-paced but work-life balanced environment? We are looking for candidates with an entrepreneurial spark! This role requires US citizenship.We are looking for a Security Application Engineer with a strong understanding of web and mobile application vulnerabilities, how they can be detected, exploited, and remediated.Responsibilities:Consult developers on questions related to reports of security scanners, which includes:As needed, explain why an issue should be considered a vulnerability.Explain circumstances under which an issue might be exploitable.Provide suggestions on how an issue can be remediated using internal security controls.Review and validate issues marked as potential false positives by developers; request additional clarifications where required.Report breached security defects within company SLAs.Review and improve security scanner configurations:Review scanning rules in presets, make sure that important rules are enabled, and irrelevant rules are disabled.Make sure security scanners do not miss production code/applications, as well as do not scan testing-only code/applications.Where possible and required, adjust scanning rules to improve their accuracy.Collaborate with legal to ensure that license violation rules for open-source software are configured correctly.Qualifications:Extensive experience with web and mobile application setup and testing for SAST/DAST.Experience with penetration testing using tools like Burpsuite.Technical experience in software architecture, design, implementation, and security code reviews.Experience with open-source software including lifecycle management and vulnerability management tools.Experience working with developers to provide guidance on vulnerability management.Excellent communication skills, both verbal and written; ability to condense complicated scenarios into simple, risk-based assessments, appropriately targeted for colleagues and upper management.Outstanding organizational and time management skills, desire to work within a highly collaborative team.Nice-To-Have:WebRTC, Video, and audio streaming experience.B.S. or equivalent in CS or EE.What we offer:RingCentral offers all the work/life benefits you could ever want, (and none of the micromanagement).Health Savings Account (HSA), Flexible Spending Account (FSAs), and Commuter Benefits.401K match and ESPP.Flexible PTO.Wellness programs including 1:1 wellness coaching through TaskHuman and meditation guidance through Headspace.Paid parental leave and new parent gift boxes.Employee Assistance Program (EAP) with counseling sessions available 24/7.Rocket Lawyer services that provide legal advice, document creation, and estate planning.Employee bonus referral program.RingCentral’s work culture is the backbone of our success. We are recognized as a Best Place to Work by Glassdoor, the Top Work Culture by Comparably and hold local BPTW awards in every major location. We are committed to hiring and retaining great people because we know you power our success.About RingCentral:RingCentral, Inc. (NYSE: RNG) is a leading provider of business cloud communications and contact center solutions based on its powerful Message Video Phone (MVP) global platform. More flexible and cost-effective than legacy on-premises PBX and video conferencing systems that it replaces, RingCentral empowers modern mobile and distributed workforces to communicate, collaborate, and connect via any mode, any device, and any location.If you are hired in Colorado or Texas, the compensation range for this position is between $120,000 and $160,000. If you are hired in Belmont, the compensation range for this position is between $140,000 and $180,000.RingCentral is an equal opportunity employer that truly values diversity. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We are committed to providing reasonable accommodations for individuals with disabilities during our application and interview process. If you require such accommodations, please click on the following link to learn more about how we can assist you.
#J-18808-Ljbffr
RingCentral
is a cloud communications leader that fosters career development and provides leadership training, education, workshops, and coaching for all employees. The RingCentral Application Security team is a part of a larger CISO-led organization. The area of responsibility of the application security team includes enablement and support for RingCentral’s Security Development Lifecycle (SDL) program.The RingCentral environment is dynamic, success-driven, team-oriented, and committed to providing world-class service for its customers through the security of its products. Do you have the ability to thrive in a fast-paced but work-life balanced environment? We are looking for candidates with an entrepreneurial spark! This role requires US citizenship.We are looking for a Security Application Engineer with a strong understanding of web and mobile application vulnerabilities, how they can be detected, exploited, and remediated.Responsibilities:Consult developers on questions related to reports of security scanners, which includes:As needed, explain why an issue should be considered a vulnerability.Explain circumstances under which an issue might be exploitable.Provide suggestions on how an issue can be remediated using internal security controls.Review and validate issues marked as potential false positives by developers; request additional clarifications where required.Report breached security defects within company SLAs.Review and improve security scanner configurations:Review scanning rules in presets, make sure that important rules are enabled, and irrelevant rules are disabled.Make sure security scanners do not miss production code/applications, as well as do not scan testing-only code/applications.Where possible and required, adjust scanning rules to improve their accuracy.Collaborate with legal to ensure that license violation rules for open-source software are configured correctly.Qualifications:Extensive experience with web and mobile application setup and testing for SAST/DAST.Experience with penetration testing using tools like Burpsuite.Technical experience in software architecture, design, implementation, and security code reviews.Experience with open-source software including lifecycle management and vulnerability management tools.Experience working with developers to provide guidance on vulnerability management.Excellent communication skills, both verbal and written; ability to condense complicated scenarios into simple, risk-based assessments, appropriately targeted for colleagues and upper management.Outstanding organizational and time management skills, desire to work within a highly collaborative team.Nice-To-Have:WebRTC, Video, and audio streaming experience.B.S. or equivalent in CS or EE.What we offer:RingCentral offers all the work/life benefits you could ever want, (and none of the micromanagement).Health Savings Account (HSA), Flexible Spending Account (FSAs), and Commuter Benefits.401K match and ESPP.Flexible PTO.Wellness programs including 1:1 wellness coaching through TaskHuman and meditation guidance through Headspace.Paid parental leave and new parent gift boxes.Employee Assistance Program (EAP) with counseling sessions available 24/7.Rocket Lawyer services that provide legal advice, document creation, and estate planning.Employee bonus referral program.RingCentral’s work culture is the backbone of our success. We are recognized as a Best Place to Work by Glassdoor, the Top Work Culture by Comparably and hold local BPTW awards in every major location. We are committed to hiring and retaining great people because we know you power our success.About RingCentral:RingCentral, Inc. (NYSE: RNG) is a leading provider of business cloud communications and contact center solutions based on its powerful Message Video Phone (MVP) global platform. More flexible and cost-effective than legacy on-premises PBX and video conferencing systems that it replaces, RingCentral empowers modern mobile and distributed workforces to communicate, collaborate, and connect via any mode, any device, and any location.If you are hired in Colorado or Texas, the compensation range for this position is between $120,000 and $160,000. If you are hired in Belmont, the compensation range for this position is between $140,000 and $180,000.RingCentral is an equal opportunity employer that truly values diversity. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We are committed to providing reasonable accommodations for individuals with disabilities during our application and interview process. If you require such accommodations, please click on the following link to learn more about how we can assist you.
#J-18808-Ljbffr