Embark on a dynamic journey as the Senior Manager of Application Security Engineering at Workiva. Join a collaborative and inclusive team celebrated for their intelligence, career-driven approach, and unwavering commitment to security. As a pivotal leader, you'll play a key role in shaping and advancing our application security engineering program, driving secure-by-design principles throughout the Secure Software Development Lifecycle (SDLC).
We are seeking a highly skilled and experienced individual with a passion for application security and a strong commitment to fostering an inclusive and diverse team culture. Your role extends beyond technical expertise – it's about establishing yourself as a valuable team member and leader, coaching your team to success, and bridging crucial communication gaps between the engineering team and senior leadership.
If you're driven by a passion for application security, possess proven leadership skills, and thrive in a collaborative environment, this is your chance to make a significant impact. Join us at Workiva and be at the forefront of shaping the future of application security.
What You'll Do
Grow and manage Workiva's application security program, including Secure Software Development Lifecycle, Threat Modeling, Application Pen Testing, and Manual Code Review.
Manage a team of Application Security Engineers, fostering a collaborative and high-performing team culture.
Partner closely with Engineering and Product leadership to integrate secure-by-design principles with the SDLC.
Conduct web application testing, automated & manual penetration testing, static & dynamic code analysis, and ethical hacking.
Identify and remediate zero-day vulnerabilities, and work with BugCrowd and external penetration testers.
Read and write code in multiple languages such as Java, Golang, DART, C, Python, etc.
Collaborate with Software Engineers, R&D, Dev(Sec)Ops, and Product teams to enhance application security.
Communicate effectively, including occasional customer calls on technical Application Security matters.
What You'll Need
8+ years of hands-on technical experience as an Application Security Engineer or IT Developer with cyber security experience.
Prior people leadership experience (3+ years) with the ability to lead, manage, and develop a technical Application Security Engineering team.
Experience in web application testing, penetration testing, code analysis tools (e.g., Qualys, Veracode), and ethical hacking.
Strong coding skills in multiple languages.
Familiarity with CI/CD pipelines, threat modeling, and rollout of a threat model program.
Experience in working with compliance standards such as FedRAMP, SOC, ISO 27001, NIST, etc.
Experience with GitHub Advanced Security or similar solutions.
Travel and Remote Work:
This role offers a flexible work environment, with the option to work remotely and the possibility of occasional travel (up to 10%).
A strong internet connection is required as you collaborate seamlessly with our innovative team.
How You’ll Be Rewarded:
The salary range represents the low and high end of the salary range for this job in the US. Minimums and maximums may vary based on location. The actual salary offer will carefully consider a wide range of factors, including your skills, qualifications, experience and other relevant factors.
Where You’ll Work
Our values drive how we work and who we hire. You will see these values ingrained in how we support our customers, work with team members, build our products and in the work environment we’ve created.
Customer Success: Always delight our customers.
Trust: Rely on each other.
Integrity: Do the right thing, every time.
Collaboration: Share resources and work together.
Innovation: Keep creating solutions and finding better ways.
Inclusion: Support a diverse community where we all belong.
Accountability: Be responsible for your success and failure.
We believe our people are our greatest asset, and our unique culture gives employees the opportunity to make an impact everyday. We give our employees the freedom and resources they need—backed by our culture of collaboration and diverse thought—to continue innovating and breaking new ground. We hire talented people with a wide range of skills and experiences who are eager to tackle some of today’s most challenging problems.
At Workiva, you’ll enjoy:
Fantastic Benefits: With coverage starting day one, choose from competitive health, dental, and vision plans on the largest physician networks available.
Casual Dress: Workiva has a casual work environment, most people wear jeans to the office.
Involvement: Ability to participate in Business Employee Resource Groups (Black, Hispanic, Asian, Women, Rainbow (LGBTQIA+), Veterans, Disabilities), Volunteering, Company wide celebrations, and more
Work-life Balance: We have competitive PTO, VTO and Parental Leave. We encourage employees to spend time enjoying life outside of work.
Workiva is an Equal Employment Opportunity and Affirmative Action Employer. We believe that great minds think differently. We value diversity of backgrounds, beliefs, and interests, and we recognize diversity as an important source of intellectual thought, varied perspective, and innovation. Employment decisions are made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression genetic information, marital status, citizenship status or any other protected characteristic. We strongly encourage and welcome people from historically marginalized groups to apply.
Workiva is committed to working with and providing reasonable accommodations to applicants with disabilities. To request assistance with the application process, please email firstname.lastname@example.org.
Workiva supports employees in working where they work best - either from an office or remotely from any location within their country of employment.