Entegral Senior Application Security Engineer

Entegral is seeking a motivated, adaptable, career-minded teammate who would like to utilize their skill set in a thriving agile-methodology environment. We offer competitive career advancement opportunities, a comprehensive benefits package and  promote a work-life balance. We’re in search of talented people who are inspired by big challenges, driven to learn and grow, and dedicated to making a meaningful difference.

ABOUT THE ROLE

As a Senior Application Security Engineer, you will work to support the application security program and collaborate with product engineering teams related to these activities. You will work to both collect and disseminate information throughout the business to ensure processes and procedures are operating efficiently and effectively. You will support the developers in their efforts to create and maintain secure applications and assist in the documentation and tracking of various application security efforts.

ABOUT ENTEGRAL

Entegral is a SaaS business-to-business solution that enhances the customer experience from the moment after an accident to the completion of the claim. Entegral  is an integrated software platform that enables communication and collaboration between tens of thousands of collision repair shops, insurance providers and other industry professionals around the world. Owned by Enterprise Mobility, the world’s largest car rental provider and operator of the Enterprise Rent-A-Car® brand, Entegral complements the value of Enterprise’s acclaimed Automated Rental Management System (ARMS®) software by increasing efficiency throughout the claims process.

We are a  global organization that strives to provide an inclusive environment where all employees can thrive. Our products reflect the diversity of our team and we work to ensure that our products meet the needs of all of our customers. At Entegral, we recognize the value of diverse perspectives in everything we do and strive to ensure employees of all backgrounds feel empowered to voice their ideas and bring their authentic selves to work. We achieve these priorities through inclusive programs, benefits, and initiatives that are integrated into the fabric of how we work every day. We refine and challenge our Agile mindset through various communities of practice, days of development, and innovation days.

Our culture values diversity, engagement, and discovery and we welcome you to join our team.

WHAT WE OFFER 

AZ, CA, FL, IL, LA, MD, MI, MN, MO, NJ, NV, NY, OH, OR, PA, TN, TX, VA, WA and WI.

Entegral is an equal opportunity employer committed to hiring a diverse workforce.

The compensation information below is provided in compliance with job posting disclosure requirements in New York.

Pay Range: [$127,000.00 - 158,800.00]

Actual base pay will depend on varying circumstances, including the position, location, individual qualifications, market finances, and other operational business needs. Depending on the position, compensation may also include bonuses. 

Entegral also offers a benefits package including paid vacation, paid parental leave, sick leave, and flex days; medical, dental, and vision insurance benefits; dependent spending account, health savings account, life and disability insurance; fertility benefits, Employee Assistance Programs; profit sharing and 401(k) employer match.

• Serve as a consultative security subject matter expert with the development teams throughout the software engineering process – including performing security reviews and guiding remediation at various stages of the SDLC
• Build partnerships with other engineering teams, providing expertise in application security best practices
• Ensure critical vulnerabilities are identified, communicated to team members, and help drive delivery of mitigations
• Research and recommend changes to procedures and systems to enhance application and data security
• Research emerging technologies and maintain awareness of current security risks in support of security enhancement and development efforts
• Coordinate, participate in, and manage application security projects
• mplement tools to test and enforce application security best practices as part of the DevSecOps pipeline
• Automate security processes to reduce as much manual work as possible
• Maintain current situational awareness of trends in cybersecurity threats and specific Entegral organizational threats
• Use appropriate interpersonal styles and subject matter knowledge to partner, gain trust, and influence across the organization
• Delivering best-in-class customer service to internal customers

Equal Opportunity Employer/Disability/Veterans

#LI-REMOTE

• Must be presently authorized to work in the U.S. without a requirement for work authorization sponsorship by our company for this position now or in the future
• Minimum, high school diploma or GED
• Must be at least 18 years of age
• Must be located in one of the following locations: AZ, CA, FL, IL, LA, MD, MI, MN, MO, NJ, NV, NY, OH, OR, PA, TN, TX, VA, WA or WI
• 5+ years of Application Security related experience to include:
  •   Proficiency in application security assessment tools (e.g., DAST, SAST, SCA)
  •   Strong understanding of web application security principles and frameworks (e.g., OWASP To10, SANS CWE Top 25)
  •   Experience with secure coding practices in languages such as Java, Python, JavaScript, and others
  •   Familiarity with CI/CD integrations, tools, and processes (e.g., Jenkins, GitLab, Docker)
  • Working experience collaborating with developers on resolving application testing issues

 Preferred:

•   Experience with advanced appsec testing tools, methodologies, and capabilities (e.g., fuzzing, SBOM, container scanning)
•   Experience with GitLab
•   Experience with API security
•   Experience with Mobile application security
•   Experience with Invicti/Netsparker (DAST)
•   Experience with secrets management and related security practices
•   Experience with appsec champions programs
•   Experience with container and kubernetes security

Qualified candidates should also possess:

• Demonstrated ability and examples of keeping current on technology trends
• Good communication and collaboration skills
• Experience with designing new methods and working with existing patterns in a previous role
• Experience leading initiatives or teams from a technical perspective
• Experience mentoring less experienced engineers
• Articulate and demonstrates a clear understanding of the aspects of object-oriented development
• Persuasive, collaborative business acumen with the ability to influence product roadmaps from a technical perspective
• Strong communication skills both written and verbal
• Commitment to continuous improvement by participating in educational opportunities, reading professional publications, maintaining personal networks, participating in professional organizations
• Initiative, results-oriented drive and a solid work ethic requiring minimal direction
• Resiliency in the face of changing priorities and requirements 
• Strong analytical and problem-solving skills
  
•  Excellent communication and interpersonal skills
• Ability to work independently and in a team environment