Principal Application Security Engineer
: Job Details :


Principal Application Security Engineer

Blackbird

Location: New York,NY, USA

Date: 2024-11-14T07:18:17Z

Job Description:

BLACKBIRD.AI protects organizations from narrative attacks created by deepfakes, misinformation and disinformation that cause financial and reputational harm. Our Constellation AI-driven Narrative Intelligence Platform - identifies key narratives that impact your organization/industry, the influence behind them, the networks they touch, the anomalous bot behavior that scales them, and the cohorts and communities that connect them. This information enables organizations to proactively understand narrative threats as they scale and become harmful for better strategic decision-making. A diverse team of AI experts, threat intelligence analysts, and national security professionals founded Blackbird.AI to defend information integrity and fight a new class of narrative threats. We are seeking a highly skilled Principal Application Security Engineer to join our team. Reporting directly to the CISO, you will play a critical role in securing our applications and infrastructure hosted on AWS and Kubernetes. Your expertise will be instrumental in helping us achieve key security certifications such as SOC 2, overseeing penetration testing, and implementing best practices to enhance our security posture. As the Principal Application Security Engineer, you will:

  • Security Strategy and Leadership
    • Develop and implement a comprehensive application security strategy aligned with company objectives.
    • Lead initiatives to achieve security certifications, including SOC 2, FEDRAMP, GDPR compliance.
    • Collaborate with cross-functional teams to integrate security best practices into all stages of the Software Development Lifecycle (SDLC).
  • Application and Infrastructure Security
    • Assess and enhance the security of applications hosted in AWS and Kubernetes environments.
    • Conduct regular security assessments, code reviews, and vulnerability scans.
    • Implement security controls and policies to protect against threats and vulnerabilities.
  • Compliance and Certification
    • Prepare and lead efforts to achieve SOC 2 certification and maintain compliance.
    • Coordinate with external auditors and ensure all security documentation is up-to-date.
    • Monitor and enforce compliance with industry standards and regulations.
  • Penetration Testing and Risk Assessment
    • Plan and oversee regular penetration testing activities.
    • Analyze test results and work with development teams to remediate identified vulnerabilities.
    • Continuously monitor for emerging threats and adjust security strategies accordingly.
  • Education and Mentorship
    • Provide training and mentorship to engineering teams on secure coding practices.
    • Promote a culture of security awareness throughout the company
Requirements
  • Education and Experience
    • Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
    • Minimum of 10 years of experience in application security engineering.
    • Proven experience in achieving security certifications such as SOC2, FEDRAMP, GDPR etc.
  • Technical Skills
    • Deep understanding of AWS services and security best practices.
    • Strong knowledge of security principles, practices, and technologies related to AWS and Kubernetes.
    • In-depth understanding of web, API, and microservices security.
    • Expertise in cloud infrastructure security, especially AWS services like IAM, EC2, S3, and Lambda.
    • Solid grasp of common security vulnerabilities and mitigation techniques, especially in containerized environments (Docker, Kubernetes).
    • Familiarity with DevSecOps practices and CI/CD pipelines.
    • Hands-on experience with security tools such as static/dynamic analysis tools (SAST/DAST), vulnerability scanners, and penetration testing frameworks.
    • Proficient in security assessment tools and methodologies.
    • Strong knowledge of compliance frameworks and standards (e.g., SOC 2, ISO 27001).
    • Experience with penetration testing tools and techniques.
    • Familiarity with programming languages such as Python, Go, or Java.
  • Certifications (Preferred)
    • CISSP, CISM, OSCP, or other relevant security certifications.
Preferred Qualifications
  • Strong leadership and communication skills.
  • Ability to work collaboratively in a fast-paced environment.
  • Detail-oriented with a strong commitment to excellence.
We've outlined specific skills, experience, and requirements for this position, but don't stress if you don't meet every single one. Our Talent Team is dedicated to discovering exceptional individuals, and they might identify a relevant aspect of your background that suits this role or another opportunity within Blackbird.AI. If you have passion for the role, please still apply. What's in it for you: Blackbird.AI is embarking on an exciting growth journey with numerous opportunities for career development within the company. You will join a nurturing, inclusive, and experienced team. Join us as we soar to new heights! Values: At Blackbird.AI, our core values shape how we work and make decisions. Our values inspire us to be authentic and continue improving. We embrace a strong sense of responsibility to society, recognizing the vital role our services play in empowering governments, communities, and individuals to foster critical thinking and empowerment. We believe in integrating personal and professional lives with societal needs, emphasizing the importance of creating an environment that attracts top talent and provides substantial growth opportunities. We are motivated by the potential of science and technology to impact humanity positively. BenefitsWhy you'll love working here:
  • Competitive compensation package, 401(k), and equity - everyone has a stake in our growth!
  • Comprehensive health benefits for you and your loved ones, including wellness days and monthly wellness reimbursements - an apple a day doesn't always keep the doctor away!
  • Generous vacation policy, encouraging you to take the time you need - we trust you to strike the right work/life balance!
  • A flexible work environment with opportunities to collaborate with your team in person - you can have it all!
  • Inclusion and Impact - soar to new heights!
  • Professional development stipend - never stop learning!
Location & Work Eligibility: We are only able to hire candidates currently residing in the U.S. and specifically within the Northeast region. Unfortunately, we cannot offer visa sponsorship for this role. Applicants must be legally authorized to work in the U.S. without future sponsorship. Candidates applying for this position should meet the residency requirement and be able to provide proof of U.S. work authorization. Pay Transparency: For individuals assigned and/or hired to work in New York, Blackbird.AI is required by law to include a reasonable estimate of the compensation range for this role. This compensation range is specific to New York. It takes into account the wide range of factors that are considered in making compensation decisions, including, but not limited to, skill sets, experience and training, licensure and certifications, and other business and organizational needs. At Blackbird.AI, it is not typical for an individual to be hired at or near the top of the range for their role, and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current compensation range for this position is expected to be $160,000-$200,000. This range may vary for positions outside of New York and as it has not been adjusted for the applicable geographic differential associated with the location where the position may be filled. Regardless of location, candidates can expect during the first few conversations with Blackbird.AI's Talent Team and Hiring Managers to share any approved budget. Apply Today Equal Opportunity Employer
Apply Now!

Similar Jobs (0)