Job Description
Yext (NYSE: YEXT) is the leading digital presence platform for multi-location brands, with thousands of customers worldwide. With one central platform, brands can seamlessly deliver consistent, accurate, and engaging experiences and meaningfully connect with customers anywhere in the digital world. Our AI and machine learning technology powers the knowledge behind every customer engagement, which is only possible through our team of innovators and enthusiastic collaborators. Join us and experience firsthand why we are consistently recognized as a ‘Best Place to Work’ globally by industry leaders such as Built In, Fortune, and Great Place To Work®!
The Senior Application Security Engineer will be critical in securing our applications and infrastructure. This individual will be responsible for vulnerability management, secure code review, and ensuring the overall security of our software development lifecycle. The ideal candidate will have a strong background in security engineering, Java programming, and hands-on experience with secure coding practices. This role is fully on-site in our Hyderabad, India office.
What You'll Do
- Lead and manage the vulnerability management program, including identifying, assessing, and remedying security vulnerabilities.
- Conduct thorough secure code reviews to identify and mitigate security risks in our software applications.
- Develop and implement security best practices and guidelines for software development teams.
- Collaborate with development teams to integrate security into the software development lifecycle (SDLC).
- Perform security assessments, penetration testing, and threat modeling to identify and address potential security issues.
- Develop and maintain security tools and scripts to automate security tasks.
- Stay current with the latest security threats, vulnerabilities, and mitigation techniques.
- Provide technical leadership and mentorship to junior security engineers.
- Assist in developing and implementing security policies, procedures, and standards.
- Work closely with cross-functional teams to ensure security compliance and best practices are followed.
What You Have
- Bachelor’s degree in Computer Science, Information Security, or a related field.
- 5+ years of experience in security engineering or a related field.
- Strong proficiency in Java programming and secure coding practices.
- Extensive experience in vulnerability management.
- Proven experience in conducting secure code reviews and identifying security vulnerabilities.
- Familiarity with secure development frameworks and standards (e.g., OWASP, SANS).
- Experience with application security testing tools such as SAST and DAST
- Strong understanding of web application security, network security, and cryptographic protocols.
- Excellent problem-solving skills and the ability to work under pressure.
- Strong communication skills and the ability to explain complex security issues to non-technical stakeholders.
- Relevant certifications such as CISSP, CISM, CEH, or OSCP are a plus.
Bonus Points
- Experience with other programming languages such as Python, JavaScript, or C#.
- Knowledge of cloud security practices and experience with cloud platforms (e.g., AWS, Azure, GCP).
- Familiarity with DevSecOps practices and tools.
- Experience with offensive security tools and practices.