Convera is Hiring a Sr. Cyber Security Engineer Near Denver, CO
Job Responsibilities
Overhaul and take ownership of our AST (Snyk) platform and work with developers to resolve valid findings and reduce false positives.
Assist with code reviews to proactively identify potential vulnerabilities, and follow-up with tooling to prevent future vulnerabilities.
Help launch our HackerOne bug bounty program and work directly with participants and various stakeholders to ensure findings are resolved in a timely manner.
Conduct Threat Modeling and Risk Assessment exercises for various services across our platform.
Improve upon and further integrate the Secure Development Lifecycle (SDLC) into product design and engineering efforts.
Desired background
5 years experience in an application security related or software development roles.
Demonstrated experienced with identifying and resolving common web application vulnerabilities (Ex: OWASP Top 10 and the OWASP API Top 10)
Candidate would consider themselves a Burp Suite SME. (or competing toolset)
Hands on experience with a leading AST SaaS solution (Checkmarx, Snyk, Veracode, etc.)
Participation in various bug bounty platforms and programs is a plus. (Ex: HackerOne / Bugcrowd)
Previous experience pen-testing or experience with CTF / Red Blue Teams is a plus.
High level software development skills; basic scripting, functional programming experience, familiarity with code repositories and deploy pipelines, etc.