DurhamRecruiter Since 2001
the smart solution for Durham jobs

Application Security Engineer

Company: Avalara
Location: Durham
Posted on: September 14, 2019

Job Description:

Job Summary

Join us in building a secure platform supporting Avalara's expanding business. In this role you will have the opportunity to engage with the best and brightest engineers and architects as they build our future application and service capabilities, while ensuring our current generation solutions continue to deliver the trust and reliability our customers expect. If you want to make a big difference in a fast-moving environment without endless meetings, if you want to set your direction instead of having it set for you, if you want to have all of the benefits of startup and an established company, we want to talk to you.

Our ideal application security engineer has experience working on a variety of platforms and technologies and is passionate about identifying and managing risks. Security can be complex, so you will be responsible to make it simple, but make its impact significant in our engineering organizations. You will provide guidance, training, and support. You will be able to talk tech and business. You will work hard to find the right solution, not the first solution. You thrive on challenge and you are not afraid to dig in, all while having fun and not getting too serious.

Job Duties

  • Setting strategic direction for application security within Avalara, including processes, tools, metrics, and reporting
  • Performing code and design reviews of internal and customer-facing software products and solutions
  • Providing training, education, awareness, and communication to development and engineering groups
  • Developing and implementing manual and automated security tests
  • Designing, developing, and implementing software development policies, standards, procedures, and technical controls
  • Participating in penetration testing activities, managing relationships with third party assessors
  • Participating in incident handling and response
  • Participating in M&A due diligence and integration processes


    • 5+ years' experience performing manual code review and analysis
    • 5+ years' experience with application security tools such as HP Fortify, Checkmarx CxSAST, or BlackDuck OSS
    • Deep technical knowledge and experience identifying, triaging, and remediating application vulnerabilities including the OWASP Top 10
    • Experience working with a variety of development tools, languages, and environments, including .NET, Java, PHP, Node.js, Ember, SQL Server, and Amazon Web Services
    • Experience working in a multi-tenant SaaS environment, service-oriented architecture and web service security
    • Experience with agile software development processes and methodologies
    • Working knowledge of source code repositories including Git
    • Experience developing and securing applications in AWS

      Preferred Qualification

      • Bachelor's Degree in Computer Science, Engineering, or related field
      • Experience working with web vulnerability scanners such as Acunetix WVS or NTO Spider
      • Security certifications including CISSP, CSSLP, and GIAC GWAPT
      • Knowledge of regulatory and compliance standards including PCI, SSAE18 SOC 1/2, SOX, and GDPR
      • Hands on experience in a continuous integration/continuous deployment environment

        The perks of working at Avalara go beyond amazing physical spaces and a Tiki Bar. We're committed to continued progress in diversity and inclusion. As an employee at Avalara, you'll have the opportunity to join resource groups focused on diversity of thought, engage with your local or global community about topics that matter to you and the organization and receive continued education around inclusion and development. As Avalara grows, so do the voices within it. It's time to hear your voice.

        Avalara is an Equal Opportunity Employer. All qualified candidates will receive consideration for employment without regard to race, color, creed, religion, sex, age, gender, nation of origin, disability, sexual orientation, US Veteran status, or any other factor protected by law. We thrive on diversity and encourage people from all walks of life to apply to Avalara's open positions.


Keywords: Avalara, Durham , Application Security Engineer, Engineering , Durham, North Carolina

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Other Engineering Jobs

Associate Process Engineer
Description: The Associate Process Engineer works within the Cell Therapy Development team and will participate in process development efforts, delivering best-in-class manufacturing methods for allogeneic T cell (more...)
Company: Precision BioSciences
Location: Durham
Posted on: 09/20/2019

POS/Production Support Engineer
Description: Job ID: NC-606123 96990923 POS/Production Support Engineer with Card Payment software, ServiceNow must , MS Access/Visio and BA experience Location: Raleigh NC DOT Duration: 12 monthsInterview: In-person (more...)
Company: Innosoul inc
Location: Raleigh
Posted on: 09/20/2019

Satellite Cable Technician - Raleigh, NC Region
Description: Custom Communications, Inc.Supplying award-winning, mobile field service technicians for over twenty years CCI is one of the nation's largest providers of managed mobile field services. Over the last (more...)
Company: Custom Communications, Inc.
Location: Wilson
Posted on: 09/20/2019

Diesel Mechanic
Description: Join the Red Crew as a Diesel Mechanic br br Red Classic is the dedicated carrier and wholly owned subsidiary of Coca-Cola Consolidated, Inc. At Red Classic we provide technicians with the training, (more...)
Company: Red Classic - Maintenance Mechanic
Location: Chapel Hill
Posted on: 09/20/2019

DevOps Engineer / Lead - PA, NY, NC
Description: Sensiple Inc., service offerings include contingent Staff Augmentation of IT professionals, Permanent Recruiting and Temp-to-Hire. In addition, our industry expertise and knowledge within financial services, (more...)
Company: E*Pro, Inc.
Location: Raleigh
Posted on: 09/19/2019

Automation Engineer
Description: FOR IMMEDIATE CONSIDERATION SEND RESUME TO AMY.MARSTON RHT.COM The primary function of the role is to design develop and implement automated tools and test infrastructure for validating features (more...)
Company: Robert Half Technology
Location: Raleigh
Posted on: 09/20/2019

Diesel Technician/Mechanic III - Entry Level
Description: br br What's the Job br Ready to accelerate your career while helping our customers move forward As a Technician III at Penske, you'll do exactly that. Here, you'll do preventative maintenance (more...)
Company: Penske
Location: Greensboro
Posted on: 09/20/2019

Senior Cloud Engineer
Description: Are you constantly thinking about how IT operations and applications are being delivered inefficiently Have you looked at technology stacks and processes and know that there are more effective ways to (more...)
Company: Nebulaworks
Location: Raleigh
Posted on: 09/20/2019

Refrigerant Piping Mechanic
Description: Newcomb and Company Raleigh, NC About Us: Founded in 1954, Newcomb and Company is a full-service mechanical contractor providing customers in the commercial, residential, and industrial sectors with innovative, (more...)
Company: EMCOR Group
Location: Raleigh
Posted on: 09/20/2019

SDET/Quality Engineer
Description: Candidates for the Senior Quality Engineer role work in conjunction with the engineering team to develop quality test case scenarios for web-based software applications. The expectation is that this person (more...)
Company: York Solutions, LLC
Location: Raleigh
Posted on: 09/20/2019

Log In or Create An Account

Get the latest North Carolina jobs by following @recnetNC on Twitter!

Durham RSS job feeds