Senior / Lead Application Security Engineer - WorkWave

Company Description

IFS is a billion-dollar revenue company with 6000+ employees on all continents. Our leading AI technology is the backbone of our award-winning enterprise software solutions, enabling our customers to be their best when it really matters–at the Moment of Service™. Our commitment to internal AI adoption has allowed us to stay at the forefront of technological advancements, ensuring our colleagues can unlock their creativity and productivity, and our solutions are always cutting-edge.

At IFS, we’re flexible, we’re innovative, and we’re focused not only on how we can engage with our customers but on how we can make a real change and have a worldwide impact. We help solve some of society’s greatest challenges, fostering a better future through our agility, collaboration, and trust.

We celebrate diversity and understand our responsibility to reflect the diverse world we work in. We are committed to promoting an inclusive workforce that fully represents the many different cultures, backgrounds, and viewpoints of our customers, our partners, and our communities. As a truly international company serving people from around the globe, we realize that our success is tantamount to the respect we have for those different points of view.

By joining our team, you will have the opportunity to be part of a global, diverse environment; you will be joining a winning team with a commitment to sustainability; and a company where we get things done so that you can make a positive impact on the world.

We’re looking for innovative and original thinkers to work in an environment where you can #MakeYourMoment so that we can help others make theirs. With the power of our AI-driven solutions, we empower our team to change the status quo and make a real difference.

If you want to change the status quo, we’ll help you make your moment. Join Team Purple. Join IFS.

Job Description

WorkWave is a field service management software that provides SaaS solutions for businesses in the service industry (HVAC, Plumbing & Electrical, Cleaning, Lawn & Landscape, Home Delivery, Logistics & Distribution). We empower these businesses to deliver exceptional customer experiences and grow their customer base on our efficient and easy-to-use platform.

WorkWave Team is looking for innovative Application Security Engineers who want to be part of a team of creative and talented individuals.  Our teams are a mix of technologists, product managers, development engineers, and UI/UX designers, all working together to deliver our vision.  You will be a part of our WorkWave team, helping to develop & support the WorkWave products

The ideal candidate should have expertise in compliance and security standards such as PCI DSS, SOC, ISO, and Privacy Shield / Data Privacy Framework. Key responsibilities include ensuring the security of desktop, web, and mobile applications through vulnerability assessments, penetration testing, security scans, and architecture design reviews. 

Responsibilities  

• Ensure application security measures comply with industry standards (e.g., PCI DSS, SOC 2, ISO 27001). Maintain security policies and support compliance audits.  
• Conduct regular vulnerability assessments and manage remediation. Implement and maintain vulnerability management tools. 
• Perform penetration testing on desktop, web, and mobile applications. Document the findings and collaborate with development teams to implement fixes. 
• Conduct regular security scans and audits using SAST, DAST, SCA, and IAST tools. 
• Review application architecture for security best practices, Provide secure coding guidance and participate in release readiness reviews.  
• Ensure data security through encryption and access controls. Implement data protection strategies and follow “Privacy by design” principles. 
• Perform network vulnerability assessments and firewall audits, and address potential security weaknesses. 
• Collaborate with cross-functional teams to integrate security into the SDLC.  
• Provide security training and assist in developing incident response plans. 

Qualifications

• Bachelor’s degree in computer science, Information Security, or related field. Relevant certifications such as CEH, CHFI, Security+, CSSLP  would be an added advantage. 
• 4+ years of experience in application security, focusing on desktop, web, and mobile applications. 
• Proven experience with compliance standards and frameworks (PCI DSS, SOC 2, ISO 27001, Privacy Shield). 
• Hands-on experience with vulnerability assessment tools and techniques (Qualys, Blackduck, Polaris, BurpSuite, Nmap, Firewalls, WAF, IDS, IPS, Kali Linux). 
• Strong background in penetration testing and security audits.  
• Familiarity with SAST, DAST, SCA, and IAST tools.  
• In-depth knowledge of application security principles, cryptography, authentication, and authorization. 
• Experience with secure coding practices and application architecture design review. 
• Ability to work independently and as part of a team.  
• Strong analytical and problem-solving skills, with excellent communication and interpersonal abilities. 

Additional Information

We believe that coming together as a community, in person, is important for innovation, connection and fostering a sense of belonging. Our roles have the right balance of remote and in-office working to enable flexibility for managing your life along with ensuring a real connection with your colleagues and the broader IFS community.