Job Summary

Are you up for the challenge of protecting all of the world’s transactions? Avalara is looking for the world’s brightest security engineers. In this role you will engage with world class engineers and architects as they build our future application and service capabilities, while ensuring our current generation solutions continue to deliver the trust and reliability our customers expect. If you want to make a big difference in a fast-moving environment without endless meetings, if you want to set your direction instead of having it set for you, if you want to have all of the benefits of startup and an established company, we want to talk to you.

Our ideal Senior Application Security Engineer has experience working on a variety of platforms and technologies and is passionate about identifying and managing risks. Security can be complex, so you will be responsible to make it simple while making its impact significant in our engineering organizations. You will provide guidance, training, and support. You will be able to talk tech and business. You will work hard to find the right solution, not the first solution. You thrive on challenge and you are not afraid to dig in, all while having fun and not getting too serious.

Responsibilities

• Set strategic direction for application security
• Perform code and design reviews of software products and solutions
• Provide training, education, awareness, and communication to development and engineering groups
• Develop and implement manual and automated security tests
• Pen test a wide variety of cloud technologies 
• Lead security incident handling and response

Qualifications

• Strong sense of ownership, urgency, and drive
• 5+ years’ experience performing manual code review and analysis
• 5+ years’ experience with commercial and open source application security tools
• Deep technical knowledge and experience identifying, triaging, and remediating application vulnerabilities including the OWASP Top 10
• Experience working in a multi-tenant SaaS environment, service-oriented architecture and web service security
• Experience developing and securing applications in AWS

Preferred Qualification

• Bachelor’s Degree in Computer Science, Engineering, or related field
• Experience working with web vulnerability scanners such as Acunetix WVS 
• Hands on experience in a continuous integration/continuous deployment environment
• Experience with agile software development processes and methodologies
• Experience working with a variety of development tools, languages, and environments, including .NET, Java, PHP, Node.js, Ember, SQL Server, and Amazon Web Services

The perks of working at Avalara go beyond amazing physical spaces and a fully stocked Tiki Bar. We are committed to continued progress in diversity and inclusion. As an employee at Avalara, you’ll have the opportunity to join resource groups focused on diversity of thought, engage with your local or global community about topics that matter to you and the organization and receive continued education around inclusion and development. As Avalara grows, so do the voices within it. It’s time to hear your voice.

Avalara is an Equal Opportunity Employer. All qualified candidates will receive consideration for employment without regard to race, color, creed, religion, sex, age, gender, nation of origin, disability, sexual orientation, US Veteran status, or any other factor protected by law. We thrive on diversity and encourage people from all walks of life to apply to Avalara’s open positions.