Application Security Engineer
Why Qualtrics?
Qualtrics is the technology platform that organizations use to collect, manage, and act on experience data, also called X-data™. The Qualtrics XM Platform™ is a system of action, used by teams, departments, and entire organizations to manage the four core experiences of business—customer, product, employee and brand—on one platform. Over 10,000 enterprises worldwide, including more than 75 percent of the Fortune 100 and 99 of the top 100 U.S. business schools, rely on Qualtrics to consistently build products that people love, create more loyal customers, develop a phenomenal employee culture, and build iconic brands. Qualtrics was recently acquired by SAP, and together we will accelerate XM and power the experience economy. Join us on this adventure that can open many doors! Join a company that is dedicated to your ideas and growth, recognizes your unique contribution, fills you with purpose, and provides a fun, flexible and inclusive work environment.
The Challenge
As Qualtrics continues to extend the Experience Management (XM) platform, we must ensure that we’re protecting our customers and their data by delivering and operating secure systems. Hundreds of software engineers contribute to Qualtrics XM every day. We require an outstanding application security program which enables developers to deliver secure code, effectively identifies and remediates security vulnerabilities, and keeps up with our growing scale. Qualtrics is looking for an expert software developer with a passion for security who is ready to bring our appsec program to the next level.
A Day in the Life
- Review source code & software/system designs, and consult with software engineers across the organization to identify and/or avoid security issues through alignment to security standards.
- Build reusable libraries and components which implement common security functionality for use across the Qualtrics XM platform
- Document and improve secure SDL processes and standards
- Deliver training and provide mentoring to software engineers on security topics
- Facilitate threat modeling exercises to ensure accurate security design decisions are being made
- Coordinate with security champions and other software engineers to ensure successful and timely remediation of vulnerabilities
- Automate redundant tasks related to detection and reporting of vulnerabilities, suspicious application activity, coordination of response activities, etc.
- Implement security testing tools and methodologies (e.g., SAST, DAST) in collaboration with other engineering teams
- Participate in on-call rotation for security operations responsibilities, including security incident response
- Use penetration testing techniques to identify or validate vulnerabilities in Qualtrics products
The Expectation for Success
You will work effectively with the Qualtrics engineering organization, providing reliable technical security expertise on application security issues and applying a team-based approach to solving problems and prioritizing security work. You will seek to streamline and automate processes in order to deliver maximum results with minimal effort.
Skills That Will Lead to Success
- Bachelor’s degree in Computer Science or a related field
- At least four years developing web or backend applications
- Sound understanding of app security vulnerabilities, defense techniques and security best practices, including language-specific security measures and present-day threats
- Experience with modern application development languages and frameworks
What differentiates us from other companies
- Work life integration is deeply important to us - we have frequent office events, team outings, and happy hours.
- We take pride in our offices design by encouraging creativity through our rooftop views to an open and transparent work space.
- On top of standard benefits package (medical, dental, vision, life insurance, etc) we provide snacks, drinks, and free lunches in our office.
- We believe in sharing Qualtrics success which is part of the compensation for all employees.