Principal Security Engineer
Conga San Mateo, CA
- Expired: November 13, 2020. Applications are no longer accepted.
Our new company (Conga) was created on May 7, 2020 following the merger of Conga and Apttus. The combining of these two powerful companies creates a leader in mission critical business process solutions. The new Conga is poised to provide the most complete offering in the market to digitally transform the foundational elements of business - documents like quotes, contracts, and the processes that surround them - to achieve commercial excellence. With dual headquarters in Silicon Valley and Denver, Conga offers a competitive pay package, strong employee benefits, and a culture that is centered around our core values.
Conga is a place where people from all backgrounds can contribute their unique skills and ideas, make an impact on our business and our customers, and give back to our communities. • Bring Secure development and testing experience and Determine security requirements by evaluating business strategies and requirements, conducting system security and vulnerability analyses. • Able to drive overall network and infrastructure security and define and maintain policies that govern how we deliver and maintain our production environments. • Able to track and mandate processes within engineering to drive security into our SDLC including code scanning and application scanning focused on eliminating OWASP Top 10 vulnerabilities. • Capable of talking to customers and responding to RFPs on security aspects of the system. • Work with the security team on risk assessments and the studying of architecture/platform of business systems and to preempt potential issues. • Evaluate the efficacy of existing security controls. Recommend and implement improvements as necessary. • Work with external network penetration testing vendors • Integrate automated security testing (including both static and runtime) capabilities into an evolving CI/CD program. • Evangelize and enforce security best practices and embed security expertise within each scrum team Required Skills: • 8+ years of experience in enterprise software security • 3+ years of experience with the Salesforce platform, preferably overseeing architecture and security compliance. • Development experience is a must. Experience is building controls to prevent and identify intrusion. • Well versed with AWS, Azure and Salesforce clouds. • Experience with OWASP testing Guide / Open Source Security Testing Methodology Manual. • Experience with some of the compliance standards like FedRAMP, GDPR, NIST is preferred. • Expert with common web application security testing tools including, but not limited to Burp, Fiddler, OWASP Zap, and at least one commercial solution (Checkmarx, Veracode, AppScan, or similar). • Familiarity with Secure Development Lifecycle practices and Agile development. • Thought leadership in the security field, with demonstrable contributions to industry groups strongly desired. Conga is proud to be an Equal Opportunity Employer and provides equal employment opportunities to all employees and applicants regardless of race, color, religion, gender, gender identity, age, national origin, disability, parental or pregnancy status, marriage and civil partnership, sexual orientation, veteran status, or any other characteristic protected by law.
Reasonable accommodations will be made to meet the requirements of the Americans with Disabilities Act and will be provided as requested by candidates taking part in all aspects of the selection process. All your information will be kept confidential according to EEO guidelines. Additional Information Why should you work for Conga? • From day one you’ll become an integral and active part of Conga’s culture • You will work with a passionate and motivated team • You will be truly empowered to make a difference. We work with innovators, thinkers, and people who push the status quo • You will never hear “that’s not your job” but rather be encouraged to solve problems with creative ideas • You will see your effort and impact come to life as you test boundaries, break down barriers, and skyrocket your career Conga is proud to be an Equal Opportunity Employer and provides equal employment opportunities to all employees and applicants regardless of race, color, religion, gender, gender identity, age, national origin, disability, parental or pregnancy status, marriage and civil partnership, sexual orientation, veteran status, or any other characteristic protected by law. All your information will be kept confidential according to EEO guidelines.