Principal Application Security Engineer

1 Month ago • 7 Years + • Cyber Security • $174,000 PA - $250,000 PA

Job Summary

Job Description

The Principal Application Security Engineer at Barracuda Networks ensures the security of software and services through source code review, application security assessments, automated security solution integration, architecture review, and expert advice. Responsibilities include maintaining awareness of security trends, managing bug bounty programs, collaborating with various teams on incident response, evaluating new security technologies, and ensuring secure software delivery. The role requires deep understanding of software security best practices and vulnerabilities, particularly in web applications.
Must have:
  • Source code review (Python, PHP, Go)
  • Manual application penetration testing
  • Vulnerability risk assessment and remediation
  • Collaboration with development teams
  • 7+ years of experience
Good to have:
  • Solutions architecture review
  • Threat modeling
  • Fuzzing
  • SAST/DAST/SCA experience
  • Cloud platform security (Azure, AWS)
Perks:
  • Equity (non-qualifying options)
  • High-quality health benefits
  • Retirement plan with employer match
  • Career-growth opportunities
  • Flexible Time Off and Paid Time Off

Job Details

Job ID 25-618
 
Come join our passionate team! Barracuda is a leading cybersecurity company providing complete protection against complex threats. Our platform protects email, data, applications, and networks with innovative solutions, and a managed XDR service, to strengthen cyber resilience. Hundreds of thousands of IT professionals and managed service providers worldwide trust us to protect and support them with solutions that are easy to buy, deploy, and use.
 
We know a diverse workforce adds to our collective value and strength as an organization. Barracuda Networks is proud to be an Equal Opportunity Employer, committed to equal employment opportunity and equitable compensation regardless of race, gender, religion, sex, sexual orientation, national origin, or disability.
 
Envision yourself at Barracuda 
The Principal Application Security Engineer assures the safety and security of Barracuda Networks software and services through source code review, manual application security assessment, operation and integration of automated security assessment solutions, architecture review, and expert advice regarding software security trends, threats, best practices and incidents. Through assuring the safety and security of Barracuda Networks software and services, the Application Security Engineer helps to keep our customers and their data safe and secure. 
 
Tech Stack Exposure 
  • A deep understanding of software security best practices and vulnerabilities, especially as they relate to web applications (e.g. OWASP Top 10) 
  • Experience identifying vulnerabilities in software and SaaS services 
  • Experience in source code review, preferably for Python, PHP and Go 
  • Experience in scoping and performing manual application penetration testing 
  • Experience in assessing the risk of identified vulnerabilities, and providing correct, robust and actionable recommendations to mitigate and/or resolve the vulnerabilities 
  • Experience in understanding software vulnerabilities, in finding other instances of the vulnerability across codebases, and in identifying collateral/related vulnerabilities. 
  • Experience in assessing the implemented resolution of a vulnerability for completeness and accuracy, and identifying bypasses for the implemented resolution 
  • Experience in working collaboratively with software development teams to identify vulnerabilities in all stages of software development 
  • Experience in communicating effectively with people of varying security proficiency and interest (fellow security professionals, engineering, and management) 
  • The ability to coordinate and participate in wide-scale Software Incident Security Response exercises such as the log4j response, understanding and unpacking information as incidents unfold, and in working across the organization to deliver a comprehensive "Identify, Resolve, Validate" solution 
  • Basic programming experience in at least one language, preferably Python or Go, and experience in automating routine tasks such as searching source code and manipulating data. 

What you’ll be working on
  • Ensure the secure delivery of software from design through to implementation 
  • Maintain awareness of software security trends, incidents, and best practices, and provide expert advice and guidance to engineering teams regarding secure development and vulnerability remediation. 
  • Manage Barracuda’s bug bounty programs 
  • Work collaboratively with the organization, including with Security, Compliance and Engineering, to understand and remediate computer and software security incidents 
  • Evaluate new and emerging security technologies, features, and products. 

What you bring to the role
  • 7+ years of experience 
  • The ability to perform source code review in new and unfamiliar languages using knowledge of security best practices and a willingness to read documentation 
  • Solutions architecture review experience, and the ability to identify opportunities and vulnerabilities early in the specification and development of software 
  • Threat modelling experience 
  • Fuzzing experience 
  • Experience using and integrating automated software security scanners such as SAST/DAST/SCA 
  • An understanding of Infrastructure as Code and cloud platform security (preferably Azure and AWS) 
  • An understanding of identity, authentication and authorization protocols including OAuth/OpenID Connect and SAML 
  • Published examples of work such as original research, vulnerability advisories, conference talks, bug bounty writeups or CTF writeups 
  • The ability to identify opportunities for process improvement, including automation and the authorship of software (scanners, fuzzers, helper utilities etc.) 
  • Experience participating in and/or managing bug bounty programs 
  • Experience with and/or a willingness to collaborate with other security functions such as compliance and policy, network/corporate security, security monitoring and incident response 
 
What you’ll get from us  
 
A team where you can voice your opinion, make an impact, and where you and your experience are valued. Internal mobility – there are opportunities for cross training and the ability to attain your next career step within Barracuda.  
 
  • Equity, in the form of non-qualifying options 
  • High-quality health benefits 
  • Retirement Plan with employer match 
  • Career-growth opportunities 
  • Flexible Time Off and Paid Time Off benefits 
  • Volunteer opportunities 
At Barracuda, we believe in fair and equitable compensation practices that reflect both market realities and the unique circumstances of each geographical location. We recognize that cost-of-living disparities, market conditions, and other factors can significantly impact compensation expectations in different regions. The compensation range provided in this job description is for illustrative purposes only and may not reflect the actual compensation offers for the position in your location. Final compensation will be determined based on a variety of factors including the candidates’ qualifications and experience. 
 
California: $232,000 - $250,000
New York City: $193,000 - $218,000
Westchester County, NY: $193,000 - $218,000
Washington: $209,000 - $223,000
Colorado: $174,000 - $191,500
 