Senior Application Security Engineer- Federal

Job Description

DataRobot is the leader in enterprise AI, delivering trusted AI technology and enablement services to global enterprises competing in today’s Intelligence Revolution. DataRobot’s enterprise AI platform democratizes data science with end-to-end automation for building, deploying, and managing machine learning models. This platform maximizes business value by delivering AI at scale and continuously optimizing performance over time. The company’s proven combination of cutting-edge software and world-class AI implementation, training, and support services, empowers any organization – regardless of size, industry, or resources – to drive better business outcomes with AI.

With a singular focus on AI since its inception, DataRobot has a proven track record of delivering AI with ROI. DataRobot has offices across the globe and $431 million in funding from top-tier firms, including New Enterprise Associates, Sapphire Ventures, Meritech, and DFJ Growth. For more information, visit www.datarobot.com, and join the conversation on the DataRobot Community, Twitter and LinkedIn.

Requirements

The candidate will review software architecture, identify security vulnerabilities, and sometimes implement remediations themselves or coordinate with teams to get the work completed. They will also make recommendations and work with code owned by other teams to improve the overall security of the application. Additionally, the candidate will assist the team with automation of security testing and vulnerability management using a suite of tools as well as manual security testing of features within the application.

Requirements / Skills

• 5+ years experience in application security
• Full stack development experience
• Scripting and automation experience using RESTful API’s
• Knowledge of security principles (confidentiality, integrity, availability)
• Knowledge of SANS/CWE Top 25, OWASP Top 10 Proactive Controls and Application Security principals.
• Understanding of software architecture and design principles
• Experience with data encryption, cryptography and encryption key management
• Experience with automated code auditing/vulnerability testing
• Familiarity with Cloud and cloud automation technologies (Terraform, Cloudformation, Ansible/Chef/Puppet)
• Full understanding of modern application architectures, from the browser to databases
• Experience developing large, scalable distributed applications
• Development experience in JavaScript and Python.
• Experience with DevSecOps & integrating security into pipelines.

Bonus

• Development experience with python, Java, C# or other object oriented languages
• Experience with software development techniques to ensure applications are in compliance with PCI, HIPAA or FISMA.
• Experience with docker containers, kubernetes, and other container orchestration technologies
• Experience with Hadoop including Cloudera parcels, or Ambari stacks
• Experience developing and deploying software for enterprise customers
• Experience with Service Mesh architectures.

Individuals seeking employment at DataRobot are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation.