Principal Application Security Engineer

2 Months ago • 7 Years + • Cyber Security • $174,000 PA - $250,000 PA

Job Summary

Job Description

The Principal Application Security Engineer ensures the security of Barracuda Networks' software and services. Responsibilities include source code review, application security assessments, integrating automated security solutions, architecture review, and advising on security best practices. This role involves identifying vulnerabilities, mitigating risks, collaborating with development teams, and participating in incident response. The ideal candidate possesses deep knowledge of software security best practices, experience with various security tools, and strong communication skills.
Must have:
  • 7+ years experience
  • Source code review (Python, PHP, Go)
  • Manual penetration testing
  • Vulnerability assessment and remediation
  • Collaboration with development teams
  • Security best practices knowledge
  • SAST/DAST/SCA experience
Good to have:
  • Solutions architecture review
  • Threat modeling
  • Fuzzing
  • Infrastructure as Code and cloud security (Azure, AWS)
  • OAuth/OpenID Connect and SAML understanding
  • Bug bounty program management
Perks:
  • Internal mobility
  • Equity (non-qualifying options)
  • High-quality health benefits
  • Retirement plan with employer match
  • Career-growth opportunities
  • Flexible Time Off
  • Paid Time Off
  • Volunteer opportunities

Job Details

Job ID 25 -618
 
Come join our passionate team! Barracuda is a leading cybersecurity company providing complete protection against complex threats. Our platform protects email, data, applications, and networks with innovative solutions, and a managed XDR service, to strengthen cyber resilience. Hundreds of thousands of IT professionals and managed service providers worldwide trust us to protect and support them with solutions that are easy to buy, deploy, and use.
 
We know a diverse workforce adds to our collective value and strength as an organization. Barracuda Networks is proud to be an Equal Opportunity Employer, committed to equal employment opportunity and equitable compensation regardless of race, gender, religion, sex, sexual orientation, national origin, or disability.
 
Envision yourself at Barracuda 
The Principal Application Security Engineer assures the safety and security of Barracuda Networks software and services through source code review, manual application security assessment, operation and integration of automated security assessment solutions, architecture review, and expert advice regarding software security trends, threats, best practices and incidents. Through assuring the safety and security of Barracuda Networks software and services, the Application Security Engineer helps to keep our customers and their data safe and secure. 
 
Tech Stack Exposure 
  • A deep understanding of software security best practices and vulnerabilities, especially as they relate to web applications (e.g. OWASP Top 10) 
  • Experience identifying vulnerabilities in software and SaaS services 
  • Experience in source code review, preferably for Python, PHP and Go 
  • Experience in scoping and performing manual application penetration testing 
  • Experience in assessing the risk of identified vulnerabilities, and providing correct, robust and actionable recommendations to mitigate and/or resolve the vulnerabilities 
  • Experience in understanding software vulnerabilities, in finding other instances of the vulnerability across codebases, and in identifying collateral/related vulnerabilities. 
  • Experience in assessing the implemented resolution of a vulnerability for completeness and accuracy, and identifying bypasses for the implemented resolution 
  • Experience in working collaboratively with software development teams to identify vulnerabilities in all stages of software development 
  • Experience in communicating effectively with people of varying security proficiency and interest (fellow security professionals, engineering, and management) 
  • The ability to coordinate and participate in wide-scale Software Incident Security Response exercises such as the log4j response, understanding and unpacking information as incidents unfold, and in working across the organization to deliver a comprehensive "Identify, Resolve, Validate" solution 
  • Basic programming experience in at least one language, preferably Python or Go, and experience in automating routine tasks such as searching source code and manipulating data. 
What you’ll be working on 
  • Ensure the secure delivery of software from design through to implementation 
  • Maintain awareness of software security trends, incidents, and best practices, and provide expert advice and guidance to engineering teams regarding secure development and vulnerability remediation. 
  • Manage Barracuda’s bug bounty programs 
  • Work collaboratively with the organization, including with Security, Compliance and Engineering, to understand and remediate computer and software security incidents 
  • Evaluate new and emerging security technologies, features, and products. 
What you bring to the role 
  • 7+ years of experience 
  • The ability to perform source code review in new and unfamiliar languages using knowledge of security best practices and a willingness to read documentation 
  • Solutions architecture review experience, and the ability to identify opportunities and vulnerabilities early in the specification and development of software 
  • Threat modelling experience 
  • Fuzzing experience 
  • Experience using and integrating automated software security scanners such as SAST/DAST/SCA 
  • An understanding of Infrastructure as Code and cloud platform security (preferably Azure and AWS) 
  • An understanding of identity, authentication and authorization protocols including OAuth/OpenID Connect and SAML 
  • Published examples of work such as original research, vulnerability advisories, conference talks, bug bounty writeups or CTF writeups 
  • The ability to identify opportunities for process improvement, including automation and the authorship of software (scanners, fuzzers, helper utilities etc.) 
  • Experience participating in and/or managing bug bounty programs 
  • Experience with and/or a willingness to collaborate with other security functions such as compliance and policy, network/corporate security, security monitoring and incident response 
 
What you’ll get from us  
 
A team where you can voice your opinion, make an impact, and where you and your experience are valued. Internal mobility – there are opportunities for cross training and the ability to attain your next career step within Barracuda.  
 
  • Equity, in the form of non-qualifying options 
  • High-quality health benefits 
  • Retirement Plan with employer match 
  • Career-growth opportunities 
  • Flexible Time Off and Paid Time Off benefits 
  • Volunteer opportunities 
At Barracuda, we believe in fair and equitable compensation practices that reflect both market realities and the unique circumstances of each geographical location. We recognize that cost-of-living disparities, market conditions, and other factors can significantly impact compensation expectations in different regions. The compensation range provided in this job description is for illustrative purposes only and may not reflect the actual compensation offers for the position in your location. Final compensation will be determined based on a variety of factors including the candidate’s qualifications and experience. 
 
California: $232,000 - $250,000
New York City: $193,000 - $218,000
Westchester County, NY: $193,000 - $218,000
Washington: $209,000 - $223,000
Colorado: $174,00 - $191,500 
 