Senior Application Security Engineer

Job description

Who We Are

AuditBoard is the leading cloud-based platform transforming how enterprises manage risk. We built our suite of audit, risk, and compliance solutions with user experience at the forefront, and maintain an unwavering focus on creating streamlined, easy-to-use products to address the critical business needs of our customers.

That customer-centric approach has helped us become the third fastest growing technology company in North America, according to Deloitte. More than 20% of the Fortune 500 and companies like Walmart, Intel, Amgen, Hawaiian Airlines, Electronic Arts, Lowes, Lennar Homes, and Cornerstone OnDemand use AuditBoard today.

Who We Are Looking For

AuditBoard is looking for a passionate and experienced Senior Application Security Engineer who will defend AuditBoard applications and drive innovative solutions to software security challenges. This position will serve as a Security Champion to the AuditBoard engineering team, assisting them with implementing security best practices at every layer of the SDLC.


  • Work with product and engineering teams to review security throughout the design and implementation process. 
  • Create application threat models and provide guidance on effective countermeasures.
  • Perform secure code reviews and configuration assessments, and ensure the use of secure coding practices when possible.
  • Guide the implementation and adoption of Secure SDLC solutions and practices, such as SAST and DAST. 
  • Provide subject matter expertise and training on encryption, security controls, and secure programming practices.
  • Validate, triage, and assist in the remediation of vulnerabilities discovered through third-party penetration tests or bug bounty programs.
  • Guide the implementation, configuration and operation of application layer security controls such as Web Application Firewall and DDoS mitigation solutions. 
  • Assist with Security Compliance activities as required. 


  • 5 years of working experience within Information Security related fields
  • Programming experience with JavaScript (Node.js, React, Ember experience preferred) 
  • Understanding of Secure SDLC and cloud-native environments
  • Experience implementing code scanning solutions
  • Experience with Bug Bounty or other Third Party assessment programs
  • Experience with configuring and monitoring Web Application Firewalls 
  • Excellent analytical and problem-solving skills
  • GIAC Web Application Penetration Testing (GWAPT) or GIAC Secure Software Programmer (GSSP) preferred
  • BS or MS in computer science or a related field preferred

Why You’ll Love Life at AuditBoard

  • You’ll be launching a career at a well-funded, hyper-growth SaaS tech company
  • Free daily catered lunches
  • Stock options
  • Unlimited snacks and beverages
  • Free gym membership
  • Medical, dental, and vision coverage for full-time employees
  • 3 weeks of Paid Time Off and 10 holidays per year
  • 401k to save for your future
  • Fun company and team outings