Application Security Engineer Prosper
We are seeking an Application Security Engineer to interface with application development teams to ensure security, privacy, and compliance requirements are addressed throughout the development lifecycle. This individual will lead the effort in the implementation of new security solutions. He or she will drive the creation and maintenance of policies, standards, baselines, guidelines and procedures. He or she will be accountable for conducting application vulnerability assessments, application penetration testing, and security assessments. Above all other factors, we are looking for smart, driven candidates who want to be part of a culture of innovation and creativity as we develop and define the peer-to-peer lending market.
Overall responsibility of security for Prosper Applications
Identify, highlight, and provide security recommendations during requirement and design reviews
Conduct in-house penetration testing and code-reviews of Prosper applications and platform.
Provide consultancy for Product development, Engineering & Operations team on technical security issues and remediation
Take ownership of Vulnerability Management Process:
Ensure that vulnerability scans are run at scheduled time
Ensure scan results are analyzed in a timely manner
Categorize the vulnerabilities as per defined process
Ensure fixes are applied as per the vulnerability policy
Track open issues and follow up with different teams to address the open issues.
B.E Computer Science/Information Systems or related field
3 plus years of experience as a developer or in application security.
Strong programming background
Experience with modern Web Application Framework (Java/Rails/.Net) required, .Net Framework 3.0 ? 4.0, ASP.NET, ASP.Net MVC desirable, NHibernate, IoC based Framework, AOP Framework, Web Services (SOAP/WSDL or ReST/WADL), WCF desirable
Knowledge of authentication mechanisms like SAML, OAuth etc.
Knowledge of Security Flaws and its Resolution as listed in sites like OWASP, SANS etc.
Experience in secure application programming, code reviewing and penetration testing web based application
Experience in security testing mobile application is a plus
Ability to work effectively with technical and non-technical personnel in a cross-functional setting
Lead implementation efforts of security initiatives and resolutions of any findings from internal or external assessments
Identify security risks and develop solutions to eliminate or minimize risks
Knowledge of software design, software and network architecture, protocols, and standards
Excellent verbal and written communication skills
CISSP certification desirable
Must be available on call 24x7 for working on security incidents.
Headquartered in San Francisco, CA, Prosper is the first Peer-to-Peer lending marketplace. At Prosper, we're changing the world of banking, one peer-to-peer loan at a time. Peer-to-peer lending is still a nascent industry, but Prosper has already changed the way tens of thousands of people access credit and invest their money. With over $900 million in loans funded and over 2 million members, Prosper has created the world's largest peer-to-peer lending marketplace.
||111 Sutter Street |
San Francisco, CA 94104