logo inner

Application Security Engineer - AppSec

DoceboBiassono, Italy | Milan, ItalyHybrid, Onsite
This job is no longer open
Hey you! 👋  Want to work for one of the fastest growing SaaS companies in the world?
📈We’re building the next generation of learning software that companies like AWS, Netflix, Opentable and L’Oreal rely on to deliver training 💻We believe learning is for everyone, and that we all have something we can learn from each other. We rely on one another to continuously innovate our products and processes to create an exceptional experience for our employees, customers and partners.Still not sure? We are a culture where values are at the center of everything we do. We also embody what we call the Docebo Heart.

We trust our teammates, assume the best of one another, and also hold space for all the differences that make us better. 💙So what are you waiting for? Apply today! Join 800+ global Docebians and change the way people learn. Are you ready to be a part of the learning revolution?🚀

About This Opportunity:


The Application Security Engineer plays an important role in integrating and supporting the AppSec team, including stakeholders across Development and DevOps. This role is highly technical and hands-on while displaying superior collaboration and communication skills.The Application Security Engineer will support the execution of application security assessments including architecture review, threat modeling, code review, and penetration testing, assisting and enabling the product teams to adopt secure development practices. Reports to: Application Security ManagerLocation: Biassono or Milan, Italy (Hybrid)

Responsibilities:


  • Provides application security support to development teams.  This includes collaborating to manage and integrate application security tools and processes.
  • Provide vulnerability and remediation guidance, and perform basic configuration of scans.
  • Triage and validate scan findings, before inputting the associated work tickets.
  • Maintain a focus on automation, to support scalability and efficiency.
  • Coordination and review of penetration testing activities by third-party ethical hackers and vendors.
  • Tuning of DAST/SAST/SCA tools to remove false findings.
  • Management of the Threat Modeling program, to drive a triaged and structured approach towards managing security risks.
  • Work closely with architecture and product teams to drive security issues to resolution, and monitor against SLAs.

Requirements:


  • Fluent in English
  • Deep technical knowledge of Threat Modeling and OWASP methodologies.
  • Hands-on experience using Burp Suite, ZAP, SAST & DAST tools.
  • Understanding of how scanning tools, penetration tests, and post-deploy scanning tools work together in the application security lifecycle.
  • Deep, hands-on experience implementing AppSec tools into a DevOps pipeline.
  • Solid understanding of application security issues, risks, and mitigation strategies.
  • Experience developing and refining Secure SDLC documents and processes.
  • Experience building and leading Information Security training focused on secure development practices and based on OWASP principles.
  • Experience assessing and securing open-sourced software components.
  • Advanced interpersonal verbal and written communications skills.

Nice to have:


  • Background as a Developer, with experience in QA.
  • Experience as a DevOps or SRE Engineer.
  • Experience in Software Development and/or Security-related positions
  • Hands-on experience with Terraform is a plus.
  • Professional certification is a plus (OCSP, SANS, or similar).

Benefits & Perks 😍-Generous Vacation Policy, plus 2 extra floating holidays to use for religious or cultural events that matter to you-Employee Share Purchase Plan-Career progression/internal mobility opportunities-Four employee resource groups to get involved with (the Docebo Women's Alliance, PRIDE, BIDOC, and Green Ambassadors)-WeWork partnership and “Work from Anywhere” programHybrid Office Model 🏢We believe when people are together, they develop deeper relationships and accelerate innovation.

Because of this, all Docebo employees worldwide are “hybrid.” We encourage in-person collaboration while supporting work-from-home when employees need dedicated focus time, allowing Docebians to do their best every day. Each team leader is able to decide how often their teams come into the office, considering the needs of the team and the employee’s needs. Our Talent Acquisition team will let you know about the role you are applying for and the hybrid details during the first interview. About Docebo 💙Here at Docebo, we power learning experiences for over 3000 customers around the world with our easy-to-use, AI-powered Suite designed to close the enterprise learning loop.

We have successfully achieved 2 IPOs (TSX: DCBO & NASDAQ: DCBO), been recognized as a Top SaaS e-learning Solution, and are growing exponentially in the process.Docebo is a global company with offices in North America, EMEA, APAC and more. Our people believe in six core values, simply defined and manifested in everything we do - Innovation, Simplicity, Accountability, Togetherness, Curiosity, and Impact. If this sounds like you, now is your time to join one of the fastest-growing learning technology companies on the market.

Apply today!Docebo is an Equal Employment Opportunity employer. We are committed to diversity and inclusion in our workforce. All qualified applicants and employees will receive consideration for employment regardless of their race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), national origin, citizenship status, age, disability, genetic information, or any other category protected under applicable law.Any individuals requiring a reasonable accommodation to assist with their job search or application for employment should send an e-mail to recruiting_accommodations (at) docebo.com.

The e-mail should include a description of the requested accommodation and the position you’re applying for or interested in.Apply for this job

This job is no longer open

Life at Docebo

Trusted by 1,600+ companies worldwide, the Docebo Learning Platform brings together the enterprise LMS you need, the social learning experience your learners want, and the power of Artificial Intelligence to make learning your competitive advantage.
Thrive Here & What We Value1. Valuesdriven culture where innovation is at the center of everything we do.2. Embodying Docebo Heart: trust teammates, assume the best of one another, and hold space for all differences that make us better.3. Global presence with offices in North America, EMEA, APAC, etc.4. Four employee resource groups (Docebo Women's Alliance, PRIDE, BIDOC, Green Ambassadors).5. Hybrid Office Model: encourage collaboration and support work-from-home for focused time.
Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Copyright © 2024