isecjobs.com

Principal Application Security Engineer

New York, New York, United States - Remote

Full Time Senior-level / Expert USD 160K - 200K
Blackbird.AI logo

Blackbird.AI

View all jobs at Blackbird.AI

Apply now Apply later

Blackbird.AI helps organizations discover emergent threats and stay one step ahead of real-world harm through our AI-powered Narrative and Risk Intelligence Platform. Our commitment is to prioritize safety and security, providing the tools to identify potential risks and ensure a safer environment proactively. No matter the job or where it’s located, we’re all connected by a shared vision: To lead and enhance the landscape of risk intelligence. 

We are seeking a highly skilled Principal Application Security Engineer to join our team. Reporting directly to the CISO, you will play a critical role in securing our applications and infrastructure hosted on AWS and Kubernetes. Your expertise will be instrumental in helping us achieve key security certifications such as SOC 2, overseeing penetration testing, and implementing best practices to enhance our security posture.

As the Principal Application Security Engineer, you’ll have the chance to:

What you’ll do: 

  • Security Strategy and Leadership
    • Develop and implement a comprehensive application security strategy aligned with company objectives.
    • Lead initiatives to achieve security certifications, including SOC 2, FEDRAMP, GDPR compliance.
    • Collaborate with cross-functional teams to integrate security best practices into all stages of the Software Development Lifecycle (SDLC).
  • Application and Infrastructure Security
    • Assess and enhance the security of applications hosted in AWS and Kubernetes environments.
    • Conduct regular security assessments, code reviews, and vulnerability scans.
    • Implement security controls and policies to protect against threats and vulnerabilities.
  • Compliance and Certification
    • Prepare and lead efforts to achieve SOC 2 certification and maintain compliance.
    • Coordinate with external auditors and ensure all security documentation is up-to-date.
    • Monitor and enforce compliance with industry standards and regulations.
  • Penetration Testing and Risk Assessment
    • Plan and oversee regular penetration testing activities.
    • Analyze test results and work with development teams to remediate identified vulnerabilities.
    • Continuously monitor for emerging threats and adjust security strategies accordingly.
  • Education and Mentorship
    • Provide training and mentorship to engineering teams on secure coding practices.
    • Promote a culture of security awareness throughout the company

Requirements

What you’ll bring: 

  • Education and Experience
    • Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
    • Minimum of 10 years of experience in application security engineering.
    • Proven experience in achieving security certifications such as SOC2, FEDRAMP, GDPR etc.
  • Technical Skills
    • Deep understanding of AWS services and security best practices.
    • Strong knowledge of security principles, practices, and technologies related to AWS and Kubernetes.
    • In-depth understanding of web, API, and microservices security.
    • Expertise in cloud infrastructure security, especially AWS services like IAM, EC2, S3, and Lambda.
    • Solid grasp of common security vulnerabilities and mitigation techniques, especially in containerized environments (Docker, Kubernetes).
    • Familiarity with DevSecOps practices and CI/CD pipelines.
    • Hands-on experience with security tools such as static/dynamic analysis tools (SAST/DAST), vulnerability scanners, and penetration testing frameworks.
    • Proficient in security assessment tools and methodologies.
    • Strong knowledge of compliance frameworks and standards (e.g., SOC 2, ISO 27001).
    • Experience with penetration testing tools and techniques.
    • Familiarity with programming languages such as Python, Go, or Java.
  • Certifications (Preferred)
    • CISSP, CISM, OSCP, or other relevant security certifications.

Preferred Qualifications

  • Strong leadership and communication skills.
  • Ability to work collaboratively in a fast-paced environment.
  • Detail-oriented with a strong commitment to excellence.

We’ve outlined specific skills, experience, and requirements for this position, but don’t stress if you don’t meet every single one. Our Talent Team is dedicated to discovering exceptional individuals, and they might identify a relevant aspect of your background that suits this role or another opportunity within Blackbird.AI.

If you have passion for the role, please still apply.

What’s in it for you:

Blackbird.AI is embarking on an exciting growth journey with numerous opportunities for career development within the company. You will join a nurturing, inclusive, and experienced team. 

Join us as we soar to new heights!

Values:

At Blackbird.AI, our core values shape how we work and make decisions. Our values inspire us to be authentic and continue improving. 

We embrace a strong sense of responsibility to society, recognizing the vital role our services play in empowering governments, communities, and individuals to foster critical thinking and empowerment. We believe in integrating personal and professional lives with societal needs, emphasizing the importance of creating an environment that attracts top talent and provides substantial growth opportunities. We are motivated by the potential of science and technology to impact humanity positively. 

Benefits

Why you’ll love working here:

  • Competitive compensation package, 401(k), and equity - everyone has a stake in our growth!
  • Comprehensive health benefits for you and your loved ones, including wellness days and monthly wellness reimbursements - an apple a day doesn’t always keep the doctor away!
  • Generous vacation policy, encouraging you to take the time you need - we trust you to strike the right work/life balance!
  • A flexible work environment with opportunities to collaborate with your team in person - you can have it all!
  • Inclusion and Impact - soar to new heights!
  • Bi-annual offsites - have fun with your colleagues!
  • Professional development stipend - never stop learning!

Pay Transparency:

For individuals assigned and/or hired to work in New York, Blackbird.AI is required by law to include a reasonable estimate of the compensation range for this role. This compensation range is specific to New York. It takes into account the wide range of factors that are considered in making compensation decisions, including, but not limited to, skill sets, experience and training, licensure and certifications, and other business and organizational needs. At Blackbird.AI, it is not typical for an individual to be hired at or near the top of the range for their role, and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current compensation range for this position is expected to be $160,000-$200,000. This range may vary for positions outside of New York and as it has not been adjusted for the applicable geographic differential associated with the location where the position may be filled. 

Regardless of location, candidates can expect during the first few conversations with Blackbird.AI’s Talent Team and Hiring Managers to share any approved budget.

Apply Today

Equal Opportunity Employer

Apply now Apply later
  • Share this job via
  • 𝕏
  • or
Job stats:  0  0  0
Categories: AppSec Jobs Security Engineering Jobs

Tags: APIs Application security AWS Business Intelligence CI/CD CISM CISO CISSP Cloud Compliance Computer Science DAST DevSecOps Docker EC2 FedRAMP GDPR IAM ISO 27001 Java Kubernetes Lambda Microservices OSCP Pentesting Python Risk assessment S3 SAST SDLC Security assessment Security strategy SOAR SOC SOC 2 Strategy Vulnerabilities Vulnerability scans

Perks/benefits: Career development Competitive pay Equity / stock options Flex hours Flex vacation Health care Wellness

Regions: Remote/Anywhere North America
Country: United States

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.

Information Security Specialist jobsPenetration Tester jobsSenior Cyber Security Engineer jobsSenior Cybersecurity Engineer jobsInformation Security Officer jobsInformation Systems Security Officer jobsPrincipal Security Engineer jobsCloud Security Architect jobsSenior Network Security Engineer jobsInformation System Security Officer jobsChief Information Security Officer jobsSenior Penetration Tester jobsStaff Security Engineer jobsSecurity Specialist jobsSecurity Consultant jobsCyber Security Specialist jobsIT Security Engineer jobsSenior Information Security Analyst jobsCyber Security Architect jobsSecurity Operations Analyst jobsSenior Product Security Engineer jobsCybersecurity Consultant jobsSenior Information Security Engineer jobsInformation System Security Officer (ISSO) jobsThreat Intelligence Analyst jobs
SaaS jobsSDLC jobsMalware jobsEncryption jobsRMF jobsForensics jobsSQL jobsGDPR jobsIPS jobsSplunk jobsIDS jobsTop Secret jobsEDR jobsFinance jobsDoDD 8570 jobsTerraform jobsBash jobsITIL jobsOWASP jobsCRISC jobsUNIX jobsGIAC jobsDocker jobsCompTIA jobsIntrusion detection jobs
TCP/IP jobsBanking jobsSANS jobsThreat detection jobsData Analytics jobsActive Directory jobsPolygraph jobsCCSP jobsOSCP jobsClearance Required jobsCyber defense jobsVPN jobsIT infrastructure jobsJavaScript jobsSOC 2 jobsAnsible jobsSOX jobsDNS jobsSOAR jobsJira jobsGCIH jobsSecurity strategy jobsOracle jobsNIST 800-53 jobsCryptography jobs