Application Security Engineer
The Qualtrics XM Platform™ is a system of action that helps businesses to attract customers who stay longer and buy more, to engage and empower employees to do the best work of their lives, to develop breakthrough products people love, and to build a brand people can’t imagine living without.
Joining Qualtrics means becoming part of a team bold enough to chase breakthrough experiences - like building a technology that will be a force for good. A team committed to diversity, equity, and inclusion because of a conviction that every voice holds value, with a vision for representation that matches the world around us and inclusion that far exceeds it. You could belong to a team whose values center on transparency, being all in, having customer obsession, acting as one team, and operating with scrappiness. All so you can do the best work of your career.
We believe every interaction is an opportunity. Are we yours?
The Challenge
As Qualtrics continues to extend the Experience Management (XM) platform, we must ensure that we’re protecting our customers and their data by delivering and operating secure systems. Hundreds of software engineers contribute to Qualtrics XM every day. We require an outstanding application security program which enables developers to deliver secure code, effectively identifies and remediates security vulnerabilities, and keeps up with our growing scale. Qualtrics is looking for an experienced software developer with a passion for security who is ready to bring our appsec program to the next level.
A Day in the Life
- Review source code & software/system designs, and consult with software engineers across the organization to identify and/or avoid security issues through alignment to security standards.
- Build reusable libraries and components which implement common security functionality for use across the Qualtrics XM platform
- Document and improve secure SDL processes and standards
- Deliver training and provide mentoring to software engineers on security topics
- Facilitate threat modeling exercises to ensure accurate security design decisions are being made
- Coordinate with security champions and other software engineers to ensure successful and timely remediation of vulnerabilities
- Automate redundant tasks related to detection and reporting of vulnerabilities, suspicious application activity, coordination of response activities, etc.
- Implement security testing tools and methodologies (e.g., SAST, DAST) in collaboration with other engineering teams
- Participate in on-call rotation for security operations responsibilities, including security incident response
- Use penetration testing techniques to identify or validate vulnerabilities in Qualtrics products
The Expectation for Success
You will work effectively with the Qualtrics engineering organization, providing reliable technical security expertise on application security issues and applying a team-based approach to solving problems and prioritizing security work. You will seek to streamline and automate processes in order to deliver maximum results with minimal effort.
Skills That Will Lead to Success
- Bachelor’s degree in Computer Science or a related field
- At least four years developing web or backend applications
- Sound understanding of app security vulnerabilities, defense techniques and security best practices, including language-specific security measures and present-day threats
- Experience with modern application development languages and frameworks
What differentiates us from other companies
- Work life integration is deeply important to us - we have frequent office events, team outings, and happy hours.
- We take pride in our offices design by encouraging creativity through our rooftop views to an open and transparent work space.
- On top of standard benefits package (medical, dental, vision, life insurance, etc) we provide snacks, drinks, and free lunches in our office.
- We believe in sharing Qualtrics success which is part of the compensation for all employees.