Principal Application Security Engineer

2 Months ago • 7 Years + • Cyber Security

Job Summary

Job Description

The Principal Application Security Engineer at Barracuda Networks is responsible for ensuring the security of Barracuda's software and services. This involves source code review, manual application security assessments, integrating automated security solutions, architecture reviews, and providing expert guidance on security best practices. The role requires collaborating with development teams throughout the software lifecycle, responding to security incidents, and managing bug bounty programs. A deep understanding of software security vulnerabilities, experience with penetration testing, and strong communication skills are essential. The engineer will also evaluate new security technologies and help improve security processes.
Must have:
  • 7+ years experience
  • Source code review (Python, PHP, Go)
  • Manual application penetration testing
  • Vulnerability assessment and remediation
  • Collaboration with development teams
  • Security incident response
  • Bug bounty program management
Good to have:
  • Solutions architecture review
  • Threat modeling
  • Fuzzing
  • SAST/DAST/SCA tools
  • IaC and cloud security (Azure, AWS)
  • OAuth/OpenID Connect, SAML
  • Process improvement and automation

Job Details

Job ID 25 - 618 (2)

Come join our passionate team! Barracuda is a leading cybersecurity company providing complete protection against complex threats. Our platform protects email, data, applications, and networks with innovative solutions, and a managed XDR service, to strengthen cyber resilience. Hundreds of thousands of IT professionals and managed service providers worldwide trust us to protect and support them with solutions that are easy to buy, deploy, and use.
We know a diverse workforce adds to our collective value and strength as an organization. Barracuda Networks is proud to be an Equal Opportunity Employer, committed to equal employment opportunity and equitable compensation regardless of race, gender, religion, sex, sexual orientation, national origin, or disability.

Envision yourself at Barracuda
The Principal Application Security Engineer assures the safety and security of Barracuda Networks software and services through source code review, manual application security assessment, operation and integration of automated security assessment solutions, architecture review, and expert advice regarding software security trends, threats, best practices and incidents. Through assuring the safety and security of Barracuda Networks software and services, the Application Security Engineer helps to keep our customers and their data safe and secure. 
 
Tech Stack Exposure
  • A deep understanding of software security best practices and vulnerabilities, especially as they relate to web applications (e.g. OWASP Top 10) 
  • Experience identifying vulnerabilities in software and SaaS services 
  • Experience in source code review, preferably for Python, PHP and Go 
  • Experience in scoping and performing manual application penetration testing 
  • Experience in assessing the risk of identified vulnerabilities, and providing correct, robust and actionable recommendations to mitigate and/or resolve the vulnerabilities 
  • Experience in understanding software vulnerabilities, in finding other instances of the vulnerability across codebases, and in identifying collateral/related vulnerabilities. 
  • Experience in assessing the implemented resolution of a vulnerability for completeness and accuracy, and identifying bypasses for the implemented resolution 
  • Experience in working collaboratively with software development teams to identify vulnerabilities in all stages of software development 
  • Experience in communicating effectively with people of varying security proficiency and interest (fellow security professionals, engineering, and management) 
  • The ability to coordinate and participate in wide-scale Software Incident Security Response exercises such as the log4j response, understanding and unpacking information as incidents unfold, and in working across the organization to deliver a comprehensive "Identify, Resolve, Validate" solution 
  • Basic programming experience in at least one language, preferably Python or Go, and experience in automating routine tasks such as searching source code and manipulating data. 
What you’ll be working on
  • Ensure the secure delivery of software from design through to implementation 
  • Maintain awareness of software security trends, incidents, and best practices, and provide expert advice and guidance to engineering teams regarding secure development and vulnerability remediation. 
  • Manage Barracuda’s bug bounty programs 
  • Work collaboratively with the organization, including with Security, Compliance and Engineering, to understand and remediate computer and software security incidents 
  • Evaluate new and emerging security technologies, features, and products. 
What you bring to the role
  • 7+ years of experience 
  • The ability to perform source code review in new and unfamiliar languages using knowledge of security best practices and a willingness to read documentation 
  • Solutions architecture review experience, and the ability to identify opportunities and vulnerabilities early in the specification and development of software 
  • Threat modelling experience 
  • Fuzzing experience 
  • Experience using and integrating automated software security scanners such as SAST/DAST/SCA 
  • An understanding of Infrastructure as Code and cloud platform security (preferably Azure and AWS) 
  • An understanding of identity, authentication and authorization protocols including OAuth/OpenID Connect and SAML 
  • Published examples of work such as original research, vulnerability advisories, conference talks, bug bounty writeups or CTF writeups 
  • The ability to identify opportunities for process improvement, including automation and the authorship of software (scanners, fuzzers, helper utilities etc.) 
  • Experience participating in and/or managing bug bounty programs 
  • Experience with and/or a willingness to collaborate with other security functions such as compliance and policy, network/corporate security, security monitoring and incident response 
 
What you’ll get from us 
A team where you can voice your opinion, make an impact, and where you and your experience are valued. Internal mobility – there are opportunities for cross training and the ability to attain your next career step within Barracuda. In addition, you will receive equity, in the form of non-qualifying options. 
The anticipated on-target earnings range for this role is 146,000 to 167,000 CAD. Actual compensation offered will be dependent upon the individual's skills, experience, and qualifications as they directly relate to the requirements of the position, the budget for the position, and applicable employment laws.
#LI-remote

Similar Jobs

Meta - Production Engineering

Meta

Austin, Texas, United States (Hybrid)
6 Months ago
Technorizen Software Solutions - Urgent opening for Exp. IOS Developer

Technorizen Software Solutions

Indore, Madhya Pradesh, India (On-Site)
10 Months ago
Playtika - PHP Tech Lead

Playtika

Poland (Hybrid)
2 Months ago
KingsIsle Entertainment - Build and Tools Software Engineer

KingsIsle Entertainment

Texas, United States (Hybrid)
2 Months ago
Meta - Production Engineering

Meta

Boston, Massachusetts, United States (On-Site)
6 Months ago
The Walt Disney Company - Security Specialist, Compliance

The Walt Disney Company

Burbank, California, United States (On-Site)
1 Month ago
CloudLinux - Senior Python/Go Developer for Imunify360

CloudLinux

Masovian Voivodeship, Poland (Remote)
1 Month ago
NVIDIA - Senior Manager, Internal Audit - Cybersecurity and Engineering

NVIDIA

Santa Clara, California, United States (On-Site)
2 Months ago
Google - Product Manager, Google Distributed Cloud, Compliance and Security

Google

Bengaluru, Karnataka, India (On-Site)
1 Month ago
Push Gaming - Information Security Analyst

Push Gaming

Malta (Remote)
1 Month ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Meta - Production Engineering

Meta

New York, New York, United States (On-Site)
6 Months ago
Meta - Software Engineer, Infrastructure

Meta

Los Angeles, California, United States (Remote)
1 Month ago
WebFX - Web Designer

WebFX

Philippines (Remote)
1 Month ago
ByteDance - Senior Software Engineer, Multi Cloud CDN - San Jose / Seattle / Boston

ByteDance

San Jose, California, United States (On-Site)
5 Months ago
ByteDance - Software Engineer, Global Payments Financing Product

ByteDance

San Jose, California, United States (On-Site)
1 Month ago
Airlab Inc  - C++ & Python Programmer

Airlab Inc

Quebec, Canada (On-Site)
2 Months ago
MURKA - PHP Developer

MURKA

Poland (On-Site)
4 Months ago
Single Store - Technical Account Manager

Single Store

Hyderabad, Telangana, India (Remote)
2 Months ago
Dream Sports - Director - DevOps

Dream Sports

Mumbai, Maharashtra, India (On-Site)
2 Months ago
Playtika - PHP Developer

Playtika

Netherlands (Hybrid)
2 Months ago

Get notifed when new similar jobs are uploaded

Jobs in Ontario, Canada

Puzzle Cats - Game Designer

Puzzle Cats

Toronto, Ontario, Canada (On-Site)
9 Months ago
Budge Studios - 3D Artist Generalist

Budge Studios

Quebec, Canada (Hybrid)
1 Month ago
Larian Studios - RPG Designer | Concepteur des Jeux de rôle

Larian Studios

Quebec, Canada (On-Site)
4 Months ago
Thatgamecompany - Gameplay Engineer

Thatgamecompany

Canada (Remote)
2 Months ago
Epic Games - Senior Rendering Programmer, Fortnite Tech

Epic Games

Montreal, Quebec, Canada (On-Site)
1 Month ago
NVIDIA - Senior Observability Architect, AI and HPC

NVIDIA

Canada (On-Site)
3 Months ago
Aristocrat Gaming - Product Marketing Manager

Aristocrat Gaming

Montreal, Quebec, Canada (Hybrid)
3 Months ago
PwC - PwC Private, High Net Worth Tax, Manager

PwC

Toronto, Ontario, Canada (On-Site)
7 Months ago
Mixmob - Game Producer

Mixmob

Vancouver, British Columbia, Canada (Remote)
10 Months ago
Evolution - Night Shift Game Presenter (Live Broadcasting Studio)

Evolution

New Westminster, British Columbia, Canada (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

ION - Cyber Security Analyst, Italy

ION

Pisa, Tuscany, Italy (On-Site)
7 Months ago
Rockstar Games - Director, Security Operations

Rockstar Games

New York, New York, United States (On-Site)
7 Months ago
Rockstar Games - Security Architect

Rockstar Games

New York, New York, United States (On-Site)
1 Month ago
Google - Cyber Engagement Lead

Google

Tokyo, Japan (On-Site)
1 Month ago
Applike - IT Security Manager (f/m/d)

Applike

Hamburg, Hamburg, Germany (Hybrid)
4 Months ago
PwC - ETIC, SAP Security Associate - Cyber Security

PwC

Cairo, Cairo Governorate, Egypt (On-Site)
7 Months ago
Barracuda Networks  Inc  - Principal Application Security Specialist

Barracuda Networks Inc

Ontario, Canada (Remote)
1 Month ago
Google - Senior Validation Security Consultant

Google

Reston, Virginia, United States (On-Site)
1 Month ago
Patreon - Security Engineer

Patreon

(Hybrid)
2 Months ago

Get notifed when new similar jobs are uploaded

About The Company

Ann Arbor, Michigan, United States (Remote)

United States (Remote)

Illinois, United States (Remote)

Arizona, United States (Remote)

Chelmsford, Massachusetts, United States (Hybrid)

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)

Ottawa, Ontario, Canada (Hybrid)

Ottawa, Ontario, Canada (Hybrid)

Reading, England, United Kingdom (Hybrid)

Ann Arbor, Michigan, United States (Hybrid)

View All Jobs

Get notified when new jobs are added by Barracuda Networks Inc

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug