Application Security Engineer
On-site
Full Time
#Engineering
#Cybersecurity
#Application Security
#Vulnerability Testing
#Penetration Testing
#Java
#Python
#C++
#Ruby
#Network Protocols
#Web
#APIs
#Dynamic Analysis
At Podium, we are dedicated to helping local businesses succeed. Our lead conversion platform leverages AI and seamless integrations to help these businesses communicate more effectively, convert leads, and drive sales. Thousands of local companies rely on our suite of review management, communication, marketing, and payment products every day. Our commitment to innovation and growth has earned us recognition from industry leaders, including appearances on the Forbes Cloud 100 and the Inc. 5000 lists. We foster a culture built on exceptional talent and clear operating principles, and we are currently looking for a Senior Application Security Engineer to join our team on a full-time, on-site basis in the United States.
Key outcomes
- Conduct regular vulnerability and penetration testing, with a strong focus on automating both testing and remediation processes.
- Partner with developers and DevSecOps teams to perform validation testing and maintain a continuous cycle of secure software development.
- Stay ahead of emerging security threats by adopting new testing methodologies and participating in project and change management committees.
- Establish and maintain a robust security review process using dynamic and static code analysis tools.
- Document progress against service-level agreements and key business metrics.
- Work alongside architects and development teams to ensure secure system design and contribute to broader information security initiatives.
- Manage security escalations, perform testing, and represent Podium within local security groups and industry conferences.
Requirements
- At least 4 years of experience in cybersecurity, with a strong preference for 5 or more years of background in application programming.
- Technical proficiency in threat modeling, vulnerability testing, and software development using languages such as Java, Python, C++, or Ruby.
- Comprehensive knowledge of network and web protocols, experience managing internal and third-party APIs, and expertise in dynamic and static analysis tools.
- Strong communication skills, specifically the ability to translate technical cybersecurity risks into business-relevant insights.
- A proven track record of integrity, curiosity, and adaptability in a fast-paced environment.
- Fluency in English.
Preferred qualifications
- Experience managing applications within cloud environments like AWS, Microsoft Azure, or GCP, along with knowledge of cryptography controls.
- A background in DevOps for public or private clouds and scripting skills in languages such as JavaScript, PowerShell, or PHP.
- Familiarity with regulatory standards and frameworks such as ISO 27001, NIST, PCI DSS, HIPAA, GDPR, or SOC 2.
- Working knowledge of Windows, Linux, and Unix operating systems.
- Relevant professional certifications, such as CISSP, CSSLP, OSCP, or SANS (GWAPT).
- A bachelor’s degree in computer science, information assurance, MIS, or a related field.
Compensation
We offer a comprehensive benefits package designed to support our employees' well-being and professional growth. This includes:
- Medical, dental, and vision insurance coverage.
- Life and disability insurance.
- A 401k plan with competitive company matching.
- Generous paid time off.
How to apply
If you are passionate about application security and want to contribute to a mission-driven company, we invite you to submit your application. We look forward to reviewing your experience and discussing how you can help us continue to build secure, innovative solutions for our customers.
Podium
11 views
Company Size
501-1000
Markets





