LivePerson

AppSec Engineer II

LivePerson

full-time

Posted on:

Location Type: Remote

Location: Bulgaria

Visit company website

Explore more

AI Apply
Apply

Tech Stack

CloudGoogle Cloud PlatformJavaJavaScriptNode.jsOpen SourcePython

About the role

  • Manage and enhance application security tools (Static Code Analysis, Open Source vulnerabilities tools, Dynamic Application Security tools, etc), integrations, and develop in-house application security automation tools
  • Validate discovered vulnerabilities using code review skills and manual/semi-automatic tooling like Burp.
  • Validate external penetration test results and work with internal and external stakeholders.
  • Perform some security penetration tests (both application and infrastructure for Web and mobile applications)
  • Work with the engineering and security teams to provide actionable reporting, find and explain security issues, suggest mitigations, and determine when issues are mitigated.
  • Stay up to date on the latest testing tools and techniques ensuring both your and the team is using the most effective and efficient methods.
  • Produce both high level and detailed reports and metrics to support data-based decisions.
  • Assist in creating and updating Application Security procedures, policy, standards and guidelines
  • Train, coach and mentor other members of the team, development and the broader LivePerson Security and Engineering teams.

Requirements

  • Understanding of software security architecture and design
  • Broad experience of information security and AppSec testing techniques
  • Have practical experience in an application security role with manual testing
  • Solid understanding of cloud environments (GCP especially), web protocols, weaknesses and vulnerabilities
  • Good working knowledge of current IT risks and experience testing, exploitation and mitigation techniques
  • Working knowledge or experience with one or more of the following: Shell, Java, Python, or Node.js
  • Experience developing automation and exploitation scripts
  • Experience or strong interest in penetration testing, including cloud deployed applications
  • Ability to interact with a broad cross-section of personnel to explain security vulnerabilities
  • Highly curious and dedicated to continuous learning
  • Excellent written and verbal communication skills
Benefits
  • Health: medical, dental, and vision
  • Time away: 28 vacation days
  • Development: Generous tuition reimbursement and access to internal professional development resources.
  • Additional: Food Vouchers.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Static Code AnalysisOpen Source vulnerabilities toolsDynamic Application Security toolscode reviewBurppenetration testingapplication security automationShellJavaPython
Soft Skills
communicationtrainingcoachingmentoringcuriositydedication to continuous learninginterpersonal skillsreportingcollaborationproblem-solving