Staff Security Engineer at Bazaarvoice

Remote | International
Bazaarvoice

Staff Security Engineer

  • REMOTE, NORTH AMERICA /ENGINEERING /FULL-TIME

Bazaarvoice connects brands and retailers to consumers so that every shopping experience feels personal. From search and discovery to purchase and advocacy, Bazaarvoice’s solutions reach in-market shoppers, personalize their experiences, and give them the confidence to buy. Each month in the Bazaarvoice Network, more than a billion consumers view and share authentic content including reviews, questions and answers, and social photos across 6,000 brand and retail websites. Across the network, Bazaarvoice captures billions of shopper signals monthly – data that powers high-efficiency digital advertising and personalization with unmatched relevance.

Who We Want:

The Staff Security Engineer will be primarily responsible for leading our Application Security initiatives at Bazaarvoice and working to embed security into the day-to-day activities of our software engineering teams.

This role will build custom and open-source tools and services to identify and report on vulnerabilities in applications developed by Bazaarvoice. They will work with developers, QA engineers, and product teams to integrate security testing into all phases of the software development lifecycle. They will identify opportunities to improve the security posture of our products and systems and provide assistance and guidance to the Product & Engineering teams in remediation efforts. They will participate in design reviews, model threats and recommend controls to effectively mitigate risk. Most importantly, they will work to improve and expand their security skill set and innovate existing processes or tools.

This candidate must show proficiency in building scripts and libraries for security testing, have knowledge of application vulnerabilities and effective remediation (e.x. OWASP top 10), and show aptitude for analyzing application and infrastructure architecture. We are primarily a Java/Python/JavaScript shop, so comfort with these languages is a definite plus. They must be comfortable in partnering with software engineers from different backgrounds and skillsets to facilitate meaningful change. Additionally, an ideal candidate must have experience in AWS (or other cloud environments) and come prepared with foundational security knowledge needed to protect a global organization.

What You’ll Be Doing:

  • Develop and maintain new tools and frameworks for automated testing, monitoring, and reporting
  • Assist engineers in integrating security tools and testing libraries into their builds and deployments and monitor their effectiveness
  • Share team administration and maintenance responsibilities for SecOps tools and initiatives (such as WAF platform, Cloud audit, HIDS/NIDS)
  • Build and update meaningful security standards and playbooks for engineering teams
  • Participate in design reviews and assist in threat modeling applications and services
  • Mentor engineers and lead technical security training initiatives (such as OWASP Top 10 training)
  • Serve as a subject matter expert for their area in the Security Incident Response Team
  • Assist developers in implementing standards and monitor and report on the effectiveness
  • Work with Legal, Privacy and the Bazaarvoice clients during audits and examinations
  • Embrace a culture of continuous service improvement and service excellence
  • Stay current on security industry trends

Who You Are:

  • You have several years of experience in a security engineering or architecture role
  • You have several years of experience with the development, deployment, and automation of (custom, open-source, and enterprise) security solutions in a complex cloud-based environment
  • You have demonstrable experience with the AWS (or another major cloud) platform and major services
  • You’ve worked with CI or CD tools such as Jenkins, TravicCI, GitLab CI
  • You understand the goal of DevOps philosophy and where security can integrate into it
  • You have competent coding skills (specifically in building scripts and libraries) in languages like Python, Bash, or Go
  • You understand Agile processes and goals
  • You enjoy finding areas of improvement to explore without needing guidance
  • You can work with a team as well as an individual with little or no supervision
  • Experience with security frameworks or compliance programs such as GDPR, ISO27001, IS027002, NIST CSF
  • You can communicate effectively and build solid relationships with individuals of all skill levels, backgrounds, and job functions

Nice To Have:

  • Security certification such as CISSP, OSCP, GSEC
  • Knowledge of general-purpose programming languages such as Java, JavaScript, Scala
  • Published bug bounty findings or security research
  • Open Source contributor

About Bazaarvoice

Bazaarvoice connects brands and retailers to consumers, so that every shopping experience feels personal. From search and discovery to purchase and advocacy, Bazaarvoice’s solutions reach in-market shoppers, personalize their experiences, and give them the confidence to buy. Each month in the Bazaarvoice Network, more than a billion consumers view and share authentic content including reviews, questions and answers, and social photos across 6,200 brand and retail websites.

Bazaarvoice completed the acquisition of Influenster in August 2019 and with the 2 companies coming together we are able to create an even more attractive proposition for our clients.

Influenster is a digital destination where consumers discover products and reviews that enable them to make well-informed purchase decisions with over 6 million members who have written over 38 million product reviews.

Founded in 2005, Bazaarvoice is headquartered in Austin, Texas with offices in North America, Europe, and Australia. For more information, visit www.bazaarvoice.com.

Why join Bazaarvoice?

We’re committed to client success: There are over 6,200 brand and retail websites in the Bazaarvoice network. Our clients represent some of the world’s leading companies across a wide range of industries including retail, apparel, automotive, consumer electronics and travel.
We’re leaders in consumer-generated content: Each month, more than one billion consumers view and share authentic consumer-generated content, such as ratings and reviews, curated photos, social posts and videos, about products in our network. Last year, 135K reviews were submitted each day.
Our network delivers: Network analytics provide insights that help marketers and advertisers provide more engaging experiences that drive brand awareness, consideration, sales, and loyalty.
We’re a great place to work: We pride ourselves on our unique culture. Join a company that values passion, innovation, authenticity, generosity, respect, teamwork, and performance.

Commitment to diversity and inclusion

Bazaarvoice provides equal employment opportunities (EEO) to all team members and applicants according to their experience, talent, and qualifications for the job without regard to race, color, national origin, religion, age, disability, sex (including pregnancy, gender stereotyping, and marital status), sexual orientation, gender identity, genetic information, military/veteran status, or any other category protected by federal, state, or local law in every location in which the company has facilities. Bazaarvoice believes that diversity and an inclusive company culture are key drivers of creativity, innovation and performance. Furthermore, a diverse workforce and the maintenance of an atmosphere that welcomes versatile perspectives will enhance our ability to fulfill our vision of creating the world’s smartest network of consumers, brands, and retailers.

See all IT Jobs >

Sign up for Daily Remote Job Alerts!

Want Access to 25,000+ More Remote and Flexible Jobs?

More Jobs

More Jobs

Part-time to full-time,
freelance to employee

More Career Fields

More Career Fields

50+ flexible
job categories

More Resources

More Resources

Q&A's, webinars,
career coaching & more

Learn More About Our Premium Service