Lead Application Security Engineer

See more jobs from Coupa Software Inc

about 4 hours old

Apply Now
The Impact of a Lead Application Security Engineer at Coupa:

We are looking for an extremely talented Lead Software Engineer to join our Application Security Team. You will be part of a global agile group that is responsible for building the best in class SaaS platform, deployment infrastructure, and services. The position will require a candidate to design, develop, maintain, and scale Coupa’s security features and application security tooling.

What You'll Do:

  • Expand the application security landscape at Coupa
  • Being a hands-on developer is a key responsibility in this role
  • Strong software development skills in languages such as Java, .Net and Python
  • Ability to perform code reviews and mentor junior team members
  • Passion for building security-focused features that perform at scale
  • Track vulnerability reports and contribute security fixes
  • Design and implement application changes to meet security compliance requirements
  • Participate in development and operational design reviews with a focus on application security
  • Evaluate new security technologies and make recommendations to strengthen our application
  • Be a champion of Coupa’s Secure Software Development Lifecycle (SSDLC) methodologies
  • Work closely with the Operations Security team to review and define our best practices

    • What You Will Bring to Coupa:

  • Minimum of 2 years of experience as a Lead Software Engineer
  • Expertise in one or more of the following languages: Java, .Net, Python
  • Expertise in developing secure web applications or microservices
  • Knowledge of common application security issues (e.g. OWASP Top 10, SANS Top 25)
  • Knowledge of identity management tools, SAML, OIDC, and SSO integrations
  • Knowledge of OAuth, client-server authentication, server-server authentication
  • Knowledge of different crypto-algorithms, such as DES, RSA, HMAC, SHA, etc.
  • Experience designing, estimating, and leading the implementation of complex systems
  • Proven understanding of software development best practices and design patterns
  • Demonstrated knowledge of security/access control, scalability, high availability, and concurrency
  • Experience working with SQL and NoSQL databases
  • Proven ability to work independently and take projects from design to development to delivery
  • Self-motivated, passion for learning, strong communication skills
  • Bachelor's or Master's degree in Computer Science (or equivalent), or equivalent experience

    • Extra Consideration:

  • Knowledge of compliance requirements: HIPAA, PCI, SOX, FedRAMP, etc
  • Presented security-related topics at conferences or meet-ups
  • Open source project contributions
    • The estimated pay range for this role is as follows:

    •Based in California: $171,275 - $201,500
    •Based in Colorado: $147,050 - $173,000
    •Based in New Jersey: $171,275 - $201,500
    •Based in New York: $171,275 - $201,500
    •Based in Washington: $155,550 - $183,000

    The successful candidate’s starting salary will be determined based on permissible, non-discriminatory factors such as skills, experience, and geographic location within the state.
    Apply Now