SENIOR APPLICATION SECURITY ENGINEER
Descripción de la oferta de empleo
Through our intelligent skills platform and a global community of instructors, we’ve helped over 70 million learners and organizations achieve their goals.
Come join us in ensuring everyone, everywhere has access to the skills they need to unlock their potential and create possibilities for themselves and others.
Hybrid work Udemy is headquartered in San Francisco with global offices in Australia, India, Ireland, Türkiye, and other US locations.
Our robust hybrid work model spans San Francisco, Denver, Ankara, Dublin, Mexico City and Melbourne.
This hybrid position requires two days per week in the office at the nearest hub.
__________________________________________________________________________________________________ About You You’re an analytical problem-solver ready to put your skills toward purposeful work that has a global impact.
You want to lead the way in innovation, exploring the latest technologies and finding new solutions.
You thrive in a collaborative environment and are eager to work with and learn alongside the best in Product, Design, and Engineering.
About this role As a Senior Application Security Engineer, you will be pivotal in ensuring that security is woven into the fabric of our software development processes.
You will collaborate closely with development teams to implement 'developer-first' and 'shift-left' approaches to security, enabling teams to build secure applications from the ground up.
Leveraging your deep understanding of application security frameworks and principles, you will help instill a security-first mindset across the organization.
Security and trust are vital to the Udemy business model and integral to product development.
Partner with cross-functional Product Development and Engineering, Trust and Safety, and Data Science teams to help conceptualize and develop world-class solutions.
Foster a community of security and privacy champions’.
What you'll be doing Key Responsibilities.
Security Integration.
Collaborate with development teams to integrate security practices into all phases of the software development lifecycle (SDLC) using 'shift-left' principles.
Developer Enablement.
Advocate for and implement 'developer-first' security tools and processes that empower developers to write secure code without sacrificing agility.
Framework Expertise.
Utilize your expertise in key application security frameworks (e.
., OWASP Top 10, SANS Top 25) to assess and enhance the security of our applications.
Code Reviews.
Conduct security-focused code reviews and provide actionable feedback to developers.
Security Champions Program.
Lead and expand our Security Champions program by identifying and mentoring developers across the organization to be security advocates.
Vulnerability Management.
Work with teams to identify, prioritize, and remediate security vulnerabilities in applications.
Threat Modeling.
Collaborate with teams to perform threat modeling, identifying potential security risks early in the development process.
Red Teaming.
Work in a proactive and non-destructive manner to continually test internal services for vulnerabilities and weaknesses.
Consult with the corresponding product owners and engineering teams to prioritize and correct any issues identified.
Continuous Improvement.
Stay updated on the latest security trends and continuously improve our security practices, tools, and frameworks.
Training & Awareness.
Develop and deliver training sessions to improve the security knowledge and skills of our development teams.
What you’ll have Experience.
5+ years of experience in application security with a background in software development.
Technical Skills.
Proficiency in at least one programming language (e.
., Java, Python, JavaScript, etc.) and familiarity with CI/CD pipelines and tools.
Framework Knowledge.
Deep understanding of application security frameworks and standards (OWASP Top 10, SANS Top 25, NIST, etc.).
Developer Tools.
Experience with developer-centric security tools (e.
., SAST, DAST, SCA, etc.).
Security Principles.
Strong grasp of secure coding practices, threat modeling, and vulnerability management.
Collaboration.
Excellent communication skills and the ability to work effectively with cross-functional teams.
Mindset.
A proactive, 'security-as-code' mindset, with a focus on embedding security into every stage of the development process.
Preferred Qualifications.
Experience in cloud security and understanding of cloud-native applications.
Knowledge of container security and microservices architecture.
Certifications such as CISSP, CEH, or equivalent.
We understand that not everyone will match each of the above qualifications.
However, we also realize that everyone has unique experiences that can add value to our company.
Even if you think your background might not perfectly align, we'd love to hear from you! Life at Udemy We aspire to be as vibrant and dynamic as the communities we serve, as inquisitive as those who use our platform, and as revolutionary as the future we strive to open for everyone.
Here are some of the things we love about life at Udemy.
We’re invested in creating an inclusive environment that welcomes a diverse range of backgrounds and experiences.
From creating employee resource groups, ensuring we’re a Fair Pay Workplace, and building a flexible work culture, our belonging, equity, diversity, and inclusion (BEDI) initiatives always put our people first.
We want you to be able to bring your authentic self to work because when we all do, we’re better for it.
Learning is what we do – inside and out.
Our Learning & Development team is second to none, helping ensure your journey is one of continuous progression.
You’ll also have unlimited access to Udemy courses, monthly UDays (meeting-free professional development days), and a generous annual professional development stipend.
Our reason to exist is to revolutionize learning – that calls for taking risks and learning from failures.
Whether it’s our hackathons (a company-wide effort to envision new possibilities for our product) or sharing our prototypes, we see experimentation as a crucial step on the path to success.
We’re committed to creating world-class employee experiences and are proud of the recognition of this by Great Place to Work.
Of course, the best thing about being part of Udemy is knowing your work makes a difference for people and organizations around the world.
You’ve got the skills; why not use them to help others develop theirs? At Udemy, we value diversity and inclusion and consider qualified applicants without regard to race, color, religion, sex, national origin, ancestry, age, genetic information, sexual orientation, gender identity, marital or family status, veteran status, medical condition, or disability.
We will consider for employment qualified applicants with arrest and conviction records.
Why Udemy? Innovation-Driven.
Be part of a team that values innovation and encourages creative security solutions.
Impactful Role.
Directly influence the security posture of our products and services.
Growth Opportunities.
Opportunities for professional development and career advancement.
Inclusive Culture.
Work in an inclusive environment that promotes diversity and values each team member’s unique contributions.
Udemy Mexico Benefits Our benefits are designed to support you and your family with the protection and care you need, ensuring easy access to the right coverage when it matters most.
Here’s a snapshot of the key benefits for full-time Udemates based in Mexico.
Core Benefits.
Medical, Dental, and Vision Coverage.
Includes maternity, private hospital, dental, and vision benefits for employees and eligible dependents.
Life Insurance.
12x monthly base salary, with a Free Cover Limit of MXN 7.
million.
Financial Benefits.
Grocery Vouchers.
Monthly vouchers valued at $ MXN.
Teleworking Allowance.
$800 MXN monthly.
Savings Fund.
Both you and Udemy contribute 13% of your monthly salary, capped to 1.
times the UMA value.
Christmas Bonus.
Equivalent to 30 days of your current salary.
Vacation Bonus.
25% premium on your vacation days.
Time Off Benefits.
Holidays.
Udemy observes 12 public holidays in Mexico.
Annual Leave.
12 days of annual leave per year.
Sick Leave.
10 days of paid sick leave per year.
Family Bonding.
12 weeks of maternity leave or partner leave for bonding after the birth or adoption of a child.
Bereavement Leave.
Up to 20 working days for the loss of a loved one.
Wellbeing Benefits.
Maven (Reproductive Health).
Unlimited virtual appointments and $ lifetime benefit for fertility, adoption, and surrogacy.
Modern Health (Therapy and Coaching).
10 sessions with therapists and 10 sessions with coaches per year.
Origin (Financial Planning).
Free access to Certified Financial Planners for you and your spouse.
Workplace Options (EAP).
24/7 support for family, stress, caregiving, financial, and legal issues.
Additional Perks.
Udemy Courses.
Free and unlimited access to Udemy’s Marketplace and Udemy Business.
Home Office Reimbursement.
$500 one-time reimbursement and $35 monthly for work-from-home needs.
At Udemy, we strive to be transparent around compensation.
Actual compensation for this role is based on several factors, including but not limited to job-related skills, qualifications, experience, and specific work location due to differences in the cost of labor.
In addition to a base salary, this role is also eligible for benefits and equity.
Hiring Compensation Range $ MXN
Detalles de la oferta
- Udemy
- En todo México
- Sin especificar - Sin especificar
- Sin especificar
- 21/11/2024
- 19/02/2025
Candidateshould have good communication skills, be a team player and be able to lead a team... requisitos del puestogood knowledge of the architecture of the tandem platform good knowledge in handling tacl macros, obey files, shell script good knowledge in middleware configuration like pathway, mq ......
Required/minimum skills/qualifications: minimum 2+ years relevant experience as technical/functional consultant or engineer engineering or master’s degree in computer science/information technology (it) or equivalent relevant product certifications from microsoft excellent communication skills - verbal......
Experience wrapping an application using capacitor... ensuring the best performance and user experience of the application... responsibilities support the entire application lifecycle (concept, design, test, release, and support)... demonstrable experience with native hardware sensor api (sdk) integration......
As a full stack engineer assigned to the product/project ensure performance, maintainability, and functional requirements from design, development, testing to rollout and support... work with cross-engineering staff, collaborating on hardware and system monitoring requirements to ensure expected performance......
Importante empresa multinacional de origen suizo esta en búsqueda de tu talento como: project engineer escolaridad: ingeniero mecánico (titulado)... inglés avanzado (la entrevista es en inglés) edad: 26 a 30 años experiencia laboral de 3 a 4 años como mechanical engineer o en ingeniería de proyectos......
Te estamos buscando a ti como diseñador estructural senior... nosotros (torre) estamos ayudando a diseños en corrugado y publicidad a encontrar al mejor candidato para unirse a su equipo tiempo completo para el rol de diseñador estructural senior... escolaridad: ingeniería industrial, diseño industrial......
Candidate should have good communication skills, be a team player and be able to lead a team... requisitos del puesto good knowledge of the tandem platform architecture good knowledge of cobol85, c and tal programming languages good knowledge in programming with pathway middleware......
We are looking for an enthusiastic and motivated “senior unisys developer” in our development team... candidateshould have good communication skills, be a team player and be able to lead a team... requisitos del puesto good knowledge of the unisys platform architect good knowledge of cobol and algol......
Essential: graduated industrial engineer or related... preferably more than one year experience in the automotive or aviation industry... customer service quotations and follow-ups search for new customers apqp administration constant communication with international customers prepare, schedule, coordinate......
En acute talent buscamos >>> senior consultant tm (transportation management)<<< para madrid, españa (presencial)... ➡ disponibilidad para viajar... ➡ experiencia con s/4hana international trade y/o sap gts... ➡ ingles avanzado... *muy importante: residir en españa (presencial en madrid y alrededores)......