As a Senior Application Security Engineer working remotely from eastern US/Canada or remotely from the UK or in our Bristol, UK office where you will gain invaluable experience at a visionary identity security company. The position requires a passion for application security, solving both technical and organizational changes, with the ability to work in a fast moving, distributed and agile development environment, excellent communications skills, and attention to latest security best practices.    

You will:    

●    Own multiple Security Engineering assignments working with Ping Identity products, processes and tooling    

●    Provide technical leadership and mentor other Product Security Engineers    

●    Assist in proposing, developing and improving Secure Software Development Lifecycle (SSDLC) practices alongside global, high-performance product engineering teams    

●    Work with the product teams to perform architectural, security design/code reviews, vulnerability assessment and management    

●    Perform security tasks including (but not limited to) threat modeling, developer training, static code analysis, dynamic runtime fuzzing, building custom tools and automation, and exploit development.    

●    Innovate in all aspects of automation of SSDLC tasks including use of Generative AI    

●    Assist the presales, support and customer success teams responding to prospect, customer and field questions related to product and industry security    

●    Engage with third-party security consultants for independent security assessments, bug bounties and penetration testing of the product    

You have:    

●    4+ years of proficiency in a mix of Enterprise Application Security, API Security, Web Application Security, and Mobile Application Security    

●    4+ years of developing commercial or open-source products (experience in Java or Javascript preferred) or equivalent experience    

●    Exceptional problem-solving skills, curiosity about the inner workings of systems and showing attention to details and documentation    

●    Excellent written and oral communication skills    

You have an advantage if you have:     

●    Experience with Linux environments, administration, security, internals    

●    Experience with identity management (OAuth 2.x, OpenID Connect, SAML, Active Directory, 2FA/MFA, LDAP, SCIM, FAPI, OpenBanking)    

●    Experience in securing machine learning or generative AI platforms    

●    Experience with CI/CD cloud deployment in Amazon AWS, Azure or Google Cloud Platform    

●    Security certifications such as CISSP, CSSLP, GIAC, OSCP