• Security Software Engineer

    Job Locations US-WA-Bellevue
    # of Openings
    Product Development
  • Overview

    DiscoverOrg is seeking a security oriented software engineer who can take point in enhancing organizational secure software development practices.


    DiscoverOrg’s tech stack consists of Java / J2EE applications utilizing Spring Framework with Angular front-ends. DiscoverOrg applications run in an Amazon Web Services cloud environment, making use of many Amazon platform services such as ECS, S3, Kinesis, SQS, RDS Aurora, ElastiCache, DynamoDB, and AWS WAF.


    Candidates should come equipped with a working knowledge of security concepts and fundamentals, as well as their application to a dynamic, cloud based web services environment. We deal in very large volumes of data and are actively building systems that create and increase value from this data.  We are exploring machine learning, scalable and resilient architectures to store, access and interact with our data.  We work with partners regularly who access or enhance our own data in a variety of ways, and we are exploring major enhancements to our customer-facing user interfaces and the technologies to build them. This presents a great opportunity for someone with the right experience to help us enhance our security best practices for software development for existing and future development.



    • Serve as a Subject Matter Expert (SME) in the fields of application and infrastructure security.
    • Perform penetration tests, code audits, and design reviews.
    • Advocate for & educate on security, secure design, and coding practices throughout.
    • Collaborate with engineering teams to implement customer-facing security features.
    • Maintain strong knowledge of common security vulnerabilities, attack vectors, and remediation techniques.
    • Develop technical solutions to help mitigate security vulnerabilities.
    • Drive security requirements through designing and building prototypes and / or proofs of concept.
    • Deliver design documents and create user stories.
    • Evaluate, implement, and support security-focused tools and services.
    • Execute projects effectively and efficiently.
    • Lead for all activities supporting security certifications and audits (SOC2, ISO 27001, etc)


    Desired Skills and Experience:

    • 5+ years experience practicing secure software development and architecture.
    • Experience with common vulnerability scanning and reporting tools (e.g. Burp Scanner, Nessus)
    • Experience with automated static code analysis tools from a secure software development standpoint
    • Experience working on code audits, pen-tests, or similar projects.
    • Experience with Java and JavaScript / Angular Framework
    • At least 5 years experience in cloud security architecture and in SaaS applications
    • Knowledge of a broad range of attack vectors and exploits (AWS Service/API, OS, JVM, database, RESTful API, and Front End).
    • Excellent technical documentation skills.
    • Results driven, creative, professional, persistent, quality oriented, and self-motivated work style.
    • Flexibility to the needs of the business.
    • High volume log collection & SIEM experience
    • Experience as an open source project contributor a plus.


    Preferred Qualifications:

    • Debugging the full application stack
    • RDBMS’s (e.g. MySQL, Oracle, PostgreSQL)
    • ElasticSearch
    • ORMs, preferably MyBatis
    • Automated Testing (GUI and backend), User Acceptance Testing
    • Correlation of security events across multiple layers (e.g. network activity, OS logs, application audit trails)
    • Knowledge of OAuth 2.0 / Open-ID Connect
    • Web Application Firewall & Intrusion Prevention Systems, with ability to write rulesets in response to vulnerabilities
    • Analysis of captured traffic at the packet or API call level
    • Forensic analysis of compromised systems or services
    • Automated responses to security auditing events
    • Recognized participation in security industry events (e.g. conference presentations, Capture The Flag or other security competitions)


    Perks and Benefits:

    • Competitive salary and bonuses
    • Medical, Dental, Vision Coverage
    • 401(k) with employer match
    • Work from home flexibility
    • Competitive PTO 
    • Paid Sick Leave
    • Short-Term & Long-Term Disability
    • Life Insurance, AD&D Insurance
    • In-office soda machines
    • Quarterly offsite company awards
    • Annual company offsite event
    • 10+ employee activity clubs


    Why join DiscoverOrg? 

      • An 8-time honoree of the Inc. 5000 fastest growing private companies
      • Is honored to be a 2017 Fortune Magazine Best Workplaces, and
      • Is recognized as a 2017 Inc. Magazine Top 50 Best Workplaces
      • Was named the 2017 Growth Company of the Year at the Oregon Technology Awards
      • Software Industry (SIIA) 2017 Growth Company of the Year
      • A three time recipient of the Deloitte Fast 500 award
      • Supported by an award-winning Learning and Development team
      • Is led by an EY Entrepreneur of the Year finalist
      • Has an impressive 4.4 star rating on Glassdoor


    DiscoverOrg is an Equal Employment Opportunity (EEO) employer. We are committed to promoting a diverse and inclusive work environment. Our policy on equal opportunity and anti-discrimination applies to all terms and conditions of employment.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed