About Highspot

Highspot helps sales teams improve customer conversations and achieve their revenue goals. From content optimization and performance analytics to in-context training, guided selling, and more, the Highspot platform delivers enterprise-ready features in a modern design that sales reps and marketers love. Using Highspot, marketing leaders have deep insights and analytics into the performance and influenced revenue of content, campaigns, and marketing assets. What makes the solution special? It’s loved by sales reps globally, and is the #1 rated sales enablement platform on G2 Crowd. 

We are committed to diversity as both a moral and business imperative. 

About this Position

Are you looking to join a rapidly growing team of security professionals in order to build an industry leading and bleeding edge security team?

Highspot is a hyper-growth, pre-IPO, startup looking to grow our company size and industry footprint. We are looking for exceptional engineers to anticipate growth issues, build automation, find vulnerabilities and mitigate these issues before they impact customers. Security is the cornerstone of trust with our customers; and our team spends each day protecting our company and our customers, keeping them safe. Trust and security are market differentiators and Highspot is committed to building that trust with our customers.

Highspot may be growing quickly, but we haven’t lost our inclusive, respectful, and team focused culture. We’re looking for passionate people from all backgrounds who want to learn everything they can. Our team supports each other to achieve our best work leaving the intra-team or intra-company competition or try harder ethos at the door.

We encourage our team to build tools, speak at and attend conferences, and publish research. We heavily use and rely on Open Source tools and software and we want to build and contribute back to those tools and to develop new techniques to help our security industry grow and improve together. 

If this sounds exciting to you and you’re interested in learning more about our team and what it takes to be part of an exceptional, passionate, technical security engineering team, please reach out. 

Tools We Use

We use tools to make our lives easier, make us more effective, and to help us get better security coverage quickly. We understand tools can make us better, but manual assessment and vulnerability hunting is where we will make the most impact. Some of the tools we use regularly are listed below.

* Burp Suite Pro

* Semgrep

* Brakeman

* Veracode

* Checkmarx

* Dependabot

* Dependency-check

* Defect Dojo

* Scout Suite

* Anything else that will make you effective

What You'll Do and Your Background

• Web Application penetration testing, way beyond the OWASP Top 10
• Mobile Application penetration testing; both iOS and Android
• Love to learn new technologies, attack scenarios
• AI, ML, Data Science, Kafka, Docker, K8s, AWS, Terraform, and more
• Able to anticipate potential threats and issues in code before they become an issue and prioritize them accordingly
• Able to understand the macro architecture of a complex software system, able to perform architecture reviews and threat modeling
• Able to write tools in a language of your choosing
• Able to understand code and find vulnerabilities in our languages of choice, including Ruby, Clojure, Javascript and more
• Able to work with external vendors, bug bounty programs and security researchers
• Understand the “why” of vulnerabilities and clearly articulate impact and risk to others
• If you have a ton of passion, love technology and learning, and are just diving into security, but have a few of these met...give us a shout anyway.

This position is available either in-office or remote, as applicable, at the following locations:

• Arizona - Remote 
• Arkansas - Remote
• California - Remote 
• Connecticut - Remote 
• Florida - Remote 
• Georgia - Remote 
• Idaho - Remote 
• Illinois - Remote 
• Maryland - Remote 
• Massachusetts - Remote 
• Michigan - Remote
• Minnesota - Remote 
• Missouri - Remote 
• Montana - Remote
• Nevada
• New Hampshire - Remote
• New Jersey - Remote 
• New York - Remote 
• North Carolina - Remote 
• Ohio - Remote 
• Oregon - Remote 
• Pennsylvania - Remote 
• Tennessee - Remote
• Texas - Remote 
• Utah - Remote 
• Virginia - Remote 
• Washington - Remote 
• Washington - Seattle
• Wisconsin - Remote
• #BI-Remote

Benefits

Comprehensive medical, dental, and vision benefits

401(k) Matching

Paid parental leave 

Flexible work and vacation schedules

Discounted ClassPass membership

2 volunteer days per year

Transportation benefits

Competitive compensation and stock options

Fully-stocked kitchen

Annual company-wide events

Meaningfully contribute to a compelling vision!

Equal Opportunity Statement

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of age, ancestry, citizenship, color, ethnicity, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or invisible disability status, political affiliation, veteran status, race, religion, or sexual orientation.

Did you read the requirements as a checklist and not tick every box? Don't rule yourself out! If this role resonates with you, hit the ‘apply’ button.