Application Security Engineer

Qualtrics, the leader in customer experience and creator of the Experience Management (XM) category, is changing the way organizations manage and improve the four core experiences of business––customer, employee, product, and brand. Over 12,000 organizations around the world are using Qualtrics to listen, understand, and take action on experience data (X-data™)––the beliefs, emotions, and intentions that tell you why things are happening, and what to do about it.

The Qualtrics XM Platform™ is a system of action that helps businesses attract customers who stay longer and buy more, engage employees who build a positive culture, develop breakthrough products people love, and build a brand people are passionate about. Join us as we help change the way people experience the world! Advance your career at a company that is dedicated to your ideas and growth, fills you with purpose, and provides a fun, inclusive work environment.

The Challenge

As Qualtrics continues to extend the Experience Management (XM) platform, we must ensure that we’re protecting our customers and their data by delivering and operating secure systems. Hundreds of software engineers contribute to Qualtrics XM every day. We require an outstanding application security program which enables developers to deliver secure code, effectively identifies and remediates security vulnerabilities, and keeps up with our growing scale. Qualtrics is looking for an experienced software developer with a passion for security who is ready to bring our appsec program to the next level.

A Day in the Life

• Review source code & software/system designs, and consult with software engineers across the organization to identify and/or avoid security issues through alignment to security standards.
• Build reusable libraries and components which implement common security functionality for use across the Qualtrics XM platform
• Document and improve secure SDL processes and standards
• Deliver training and provide mentoring to software engineers on security topics
• Facilitate threat modeling exercises to ensure accurate security design decisions are being made
• Coordinate with security champions and other software engineers to ensure successful and timely remediation of vulnerabilities
• Automate redundant tasks related to detection and reporting of vulnerabilities, suspicious application activity, coordination of response activities, etc.
• Implement security testing tools and methodologies (e.g., SAST, DAST) in collaboration with other engineering teams
• Participate in on-call rotation for security operations responsibilities, including security incident response
• Use penetration testing techniques to identify or validate vulnerabilities in Qualtrics products

The Expectation for Success

You will work effectively with the Qualtrics engineering organization, providing reliable technical security expertise on application security issues and applying a team-based approach to solving problems and prioritizing security work. You will seek to streamline and automate processes in order to deliver maximum results with minimal effort.

Skills That Will Lead to Success

• Bachelor’s degree in Computer Science or a related field
• At least three years developing web or backend applications
• Passion and/or interest in Application Security
• Sound understanding of app security vulnerabilities, defense techniques and security best practices, including language-specific security measures and present-day threats
• Experience with modern application development languages and framework

What differentiates us from other companies

• Work life integration is deeply important to us - we have frequent office events, team outings, and happy hours.
• We take pride in our offices design by encouraging creativity through our rooftop views to an open and transparent work space.
• On top of standard benefits package (medical, dental, vision, life insurance, etc) we provide snacks, drinks, and free lunches in our office.
• We believe in sharing Qualtrics success which is part of the compensation for all employees.