Application Security Engineer

PDQ

We work a 4 day week (36 hours per week)

Only considering candidates who are eligible to work in the USA ⚠️

PDQ, founded in Salt Lake City, UT, makes device management simple, secure, and P retty D amn Q uick. IT teams use our products to reduce complexity, improve efficiency, and enhance control in their unique environments. We are backed by TA Associates and Berkshire Partners, top-tier global PE companies. SimpleMDM and SmartDeploy are powered by PDQ.

PDQ's Mission: We make device management simple, secure and pretty damn quick.

PDQ's Core Values: Honesty, Ownership, Collaboration and Improvement

As an Application Security Engineer at PDQ, you will play a crucial role in applying security best practices throughout the software development lifecycle and testing our applications against security risks before release. Your experience and skills will provide guidance to our development teams on secure coding practices and contribute to the design and implementation of secure architecture. Your efforts will help foster a culture of security considered at every level of the organization.

In this role, you'll collaborate with PDQ's Operational Security team to:

  • Ensure proper implementation of security practices, such as vulnerability scanning and penetration testing
  • Perform regularly scheduled and ad hoc security audits
  • Support achievement of meaningful industry certifications (e.g. ISO, SOC)
  • Manage prioritization of all security related activities
  • Monitor threat landscape (e.g. CISA feeds, industry publications, news, etc.) and engage with Product Leadership Team to ensure adequate controls are in place
  • Collaborate with DevOps to ensure security measures are implemented in production environments
  • Automate security checks and scans in DevOps environments
  • Assist with response and recovery related to security incidents or breaches -

What you'll be doing:

  • Perform regular secure coding training with engineering teams and refine secure coding practices and standards
  • Ensure deliverables and gates for security are integrated at all stages of the SDLC
  • Develop and maintain documentation of application security controls
  • Collaborate with engineering teams to ensure standard security requirements are defined and included in every product release
  • Improve and implement processes for secure code reviews
  • Schedule and take part in application security testing and threat modeling exercises
  • Recommend implementation of advanced security features
  • Monitor process of resolution of critical and high findings from vulnerability, SAST, DAST, and SCA scans relative to agree upon SLAs and elevate any discrepancies for remediation
  • Assist engineers in assessing and remediating vulnerabilities
  • Build and maintain a multi-year Product Security roadmap and align priorities for roadmap and resourcing with Product Leadership Team.

We're looking for people who have:

  • Bachelor’s Degree in Computer Science or related fields, or equivalent experience
  • Solid understanding of web and mobile application security across the SDLC
  • Strong experience with secure cloud architecture and design
  • Knowledge of a variety of languages across PDQ’s technical stack
  • Experience with a variety of security testing tools and best practices
  • Strong experience with threat modeling and analysis
  • Experience implementing and securing cloudstorage and cloud infrastructure
  • Understanding of common threats and attacks, as well as security protocols and standards
  • Ethical hacking knowledge a plus

We need someone who can:

  • Work collaboratively across multiple departments
  • Handle sensitive and confidential information
  • Apply strong analytical and problem-solving skills
  • Exercise curiosity and seek opportunities for continued learning
  • Think creatively and outside the box – think like a hacker!
  • Stay up to date on latest security trends and technologies
  • Communicate concepts to technical and non-technical audiences alike

Tools we use:

  • Applications written in Elixir, C#, Ruby, JavaScript, Python
  • Infrastructure implemented in GCP/Kubernetes

Do you think you have what it takes but don’t necessarily meet all the requirements? Apply anyway – youcould be exactly who we are looking for!

PDQ offers all of the great perks and benefits you'd expect from working at a very cool tech company, and even some you might not expect, including:

4-Day Work Week

Managers who champion professional development and are technically experienced (the best kind of experience)

100% Premium Coverage for medical, dental and vision for you and your dependents

100% Premium Coverage for Short Term Disability, Long Term Disability, Life, and AD&D Insurance

Company Match of the first 6% of your employee deferrals after you’ve been employed with us for 90 days

Flexible Paid Time Off Policy that treats you like the adult that you are

Health Savings Account (HSA) and wellness incentives

Quarterly Company Values Award (team member nominated)

PDQ is proud to be an equal opportunity workplace and do not discriminate on the basis of sex, race, color, age, pregnancy, sexual orientation, gender identity or expression, religion, national origin, ancestry, citizenship, marital status, military or veteran status, genetic information, disability status, or any other characteristic protected by federal, provincial, state, or local law. If you would like to request reasonable accommodation for a medical condition or disability during any part of the application process, please contact [email protected].

*Currently, candidates who are eligible for fully remote positions can live in any of the following US states: AR, AZ, CO, CT, FL, GA, ID, IL, IN, KY, MD, MI, MN, MO, NC, NH, OK, OR, TN, TX, UT, VA, WA, WI.

PDQpdq.com

We are all about IT management - Our products allow admins to push software to all their computers as well as organize their computers into groups that make sense to them.

Working Week

We work a 4 day week (36 hours per week)

  • Mon
  • Tue
  • Wed
  • Thu
  • 🏖️
    Fri

Remote Working Policy

We work fully remotely and are a team of 75 and mostly based in USA. Our team works from:

  • Utah
    56
  • Oregon
    3
  • Arkansas
    2
  • Texas
    2
  • Florida
    1
  • Indiana
    1
  • California
    1
  • Minnesota
    1
  • Illinois
    1

Company Benefits

  • 100% Premium Healthcare
  • 401(k) company contribution
  • Flexible working hours
  • Generous parental leave
  • Dentalcare
  • Equipment allowance
  • Life & Disability Insurance
  • Professional Development Budget

Our Team

We're a team of 200 across 19 departments:

  • engineering
    54
  • operations
    25
  • sales
    21
  • marketing
    15
  • support
    7
  • administrative
    7
  • business development
    6
  • +12 more teams

Desirable Skills and Experience

  • Elixir
  • C#
  • Ruby
  • JavaScript
  • Python
  • Web and Mobile App Security
  • Cloud Architecture and Design
  • Threat Modeling and Analysis
  • Cloud Infrastructure Security
  • Ethical Hacking
  • Security Audits

View more Engineering jobs

Share this job:

Report incorrect data

Let us know if the job has expired