Application Security Engineer
Ping Identity | Security (8100) | Tel Aviv, Tel Aviv
At Ping Identity, we're changing the way people think about enterprise security technology. With our innovative Identity Defined Security platform, we're helping to build a borderless world where people have total freedom to work wherever and however they want. Without friction. Without fear.
We're headquartered in Denver, Colorado, and we have offices and employees around the globe. And we serve the largest, most demanding enterprises worldwide, including over half of the Fortune 100. Because even in the most complex enterprise environments, security shouldn't be a source of anxiety. It should be one of your greatest competitive advantages.
We call this digital freedom. And it's not just something we provide our customers. It's something that drives our company. People don't come here to join a culture that's build on digital freedom. They come to cultivate it.
As an Application Security Engineer working in our Israeli office you will gain invaluable experience at a visionary security company. The position requires a passion for application security, the ability to work in a fast moving, distributed and agile environment, excellent communications skills, and attention to latest security best practices.
- Own Security Engineering for assigned Ping Identity products and tools
- Assist in developing and implementing Secure Software Development Lifecycle (SSDLC) practices
- Work with the product teams to perform security design/code reviews and vulnerability management in an agile environment
- Perform security tasks including (but not limited to) threat modeling, security code review, training, static and dynamic analysis, develop automated test techniques and perform manual security testing
- Innovate the automation of SSDLC tasks
- Assist the support team responding to customer and field questions related to product security
- Engage with third party security consultants for independent security assessments and penetration testing of the product
- 2+ years of performing Web Application Security
- 2+ years of developing commercial products (experience in Java preferred)
- Experience in securing mobile applications
- Understanding of network protocols and architectures such as TCP/IP, UDP, IPv6, IPSEC, TLS, HTTP, routing protocols
- Exceptional problem solving skills, curious about the inner workings of the system and show attention to details
- Excellent English written and oral communication skills
- Traveling to the US minimum twice a year
- Experience with identity management (OAuth 2.0, OpenID Connect, SAML, LDAP, etc.)
- Experience in securing cloud and mobile applications
- Experience with CI/CD in Amazon AWS, Azure or Google Cloud
- Security certifications such as CISSP, CSSLP, GIAC