Engineering / Arlington, VA

Senior Security Engineer, Application Security


Interos is the operational resilience company — reinventing how companies manage their supply chains and business relationships — through a breakthrough SaaS platform that uses artificial intelligence to model and transform the ecosystems of complex businesses into a living global map, down to any single supplier, anywhere.

Reducing months of backward-looking manual spreadsheet inputs to instant visualizations with continuous monitoring, the Interos platform helps the world’s companies reduce risk, avoid disruptions, and achieve dramatically superior resilience. Businesses can uncover game-changing opportunities that radically change the way they see, learn and profit from their relationships.

Based in Washington, DC, Interos serves global clients with business-critical, interdependent relationships. The fast-growing private company is led by CEO Jennifer Bisceglie and supported by investors Venrock and Kleiner Perkins. For more information, visit www.interos.ai.

THE OPPORTUNITY

Interos is looking for a Senior Security Engineer, Application Security, who will be responsible for designing, building, and delivering significant components of Interos' threat hunting strategy and overall security posture. You will work on a cross-functional team, apply knowledge of security processes, procedures, and best practices, and perform in-depth, advanced analysis to prove or disprove malicious activity. Knowledge of and experience with information security controls, infrastructure, and implementation techniques, familiarity with adversarial techniques, and application and infrastructure assessment are critical components of this role. You will demonstrate organizational and cross-functional communication skills to drive investigations into threats throughout the organization.

Essential Functions/Duties:

  • Responsible for developing secure coding guidelines and best practice documentation for custom-developed applications, as well as ensuring the guidelines are followed.
  • Conduct assessments using COTS and other tools to ensure coding practices are followed and effective, as well as to identify risks.
  • Produce and update secure coding guidelines and related documentation
  • Collaborate with development teams to ensure secure coding best practices are followed
  • Collaborate with development teams to support remediation of software vulnerabilities
  • Provide coding guidance to ensure best practices are continually followed and issues addressed.
  • Conduct assessments of custom applications and related code to identify risks
  • Perform general security policy development/maintenance and audit compliance support

Minimum Qualifications:

  • Bachelor's (undergraduate) degree in a relevant field (Computer Science, Software Engineering, Security, or others) OR an equivalent combination of education, training, and experience
  • 6+ years of hands-on experience in information security 
  • 5 years of direct experience supporting secure coding practices
  • Demonstrated understanding of web application and database security
  • Knowledge of software/application hardening OR input validation testing OR SQL injection testing is a PLUS!
  • Strong technical background in software security design/implementation and data protection
  • Strong communication, interpersonal, and consulting-style skills to interface with staff, developers, and customers
  • Knowledge of all domains within information security, especially defensive strategies and MSSPs
  • 3+ years of experience with more than one IDS/IPS, EDR, SIEM, and manual log analysis techniques
  • 4+ years of experience in shell scripting or automation of tasks using Python
  • Experience in application development using languages like Go, C/C++, or C# and source code review for control flow and security flaws 
  • Thorough understanding of network protocols, data on the wire, and covert channels 
  • Mastery of Unix/Linux/Mac/Windows operating systems, including Bash and PowerShell
  • Experience in scripting and configuration of SIEM tools 
  • Knowledge of web application logs and system event logs (Windows & *Nix) 
  • Ability to navigate and work effectively across a complex, geographically dispersed organization 
  • Demonstrated ability to self-direct with minimal supervision to achieve assigned goals
  • Eligibility to obtain a security clearance is preferred

Preferred Qualifications:

  • Forensics background
  • Certifications in one or more of the following:
    • SANS GIAC Certification(s)
    • CEH
    • CISSP
    • OSCP
    • Other cybersecurity offense / defense certifications

BENEFITS

  • Comprehensive Health & Wellness package (Medical, Dental and Vision)
  • 10 Paid Holiday Days Off
  • Flexible Paid Time Off (PTO)
  • 401(k) Employer Matching
  • Stock Options
  • Career advancement opportunities
  • Casual Dress
  • On-site gym and dedicated Peloton room at headquarters
  • Company Events (Sports Games, Fitness Competitions, Birthday Celebrations, Contests, Happy Hours)
  • Annual company party
  • Employee Referral Program


Interos is proud to be an Equal Opportunity Employer and will consider all qualified applicants without regard to race, color, age, religion, sex, sexual orientation, gender identity, genetic information, national origin, disability, protected veteran status or any other classification protected by law.

If you are a candidate in need of assistance or an accommodation in the application process, please contact HR@interos.com
