About the role
**Senior Application Security Developer
Reports To:** Development Manager, Engineering & Security
About the Job: With atVenu's accelerated growth, we need a Senior Application Security Developer to join the team. The successful candidate will be an adept Rails/React developer who enjoys looking backwards, refactoring legacy code to fix vulnerabilities, while keeping an eye towards the future, developing new infrastructure features. They will have a familiarity with PCI, GDPR and SOC2 compliance/regulatory standards, and will have a keen interest in staying abreast of emerging security threats. They will be considered a subject matter expert in the field of software security on a busy engineering team. Experience leveraging AI tools in software engineering and security would be nice to have.
Our Tech Stack:
- Front End: React Native, React, JavaScript
- Backend: Ruby, Rails, GraphQL, PostgreSQL, Redis, CouchDb
- Cloud Platform: AWS
- Tools: GitHub, Sidekiq, Docker
You Will:
- Help shape our maturing security vulnerability management program, in support of our PCI DSS and SOC2 security compliance obligations
- Participate in vulnerability assessments, security audits, penetration tests and resolution of any findings
- Complete security code reviews with the use of scanning tools and manual inspection
- Support incident response and architecture review processes when application security expertise is required
- Integrate threat modeling practices into the product development life cycle
- Review/analyze security logs/reports from a variety of sources; propose/implement recommendations for improvement
- Conduct real time tactical management of security events in collaboration with the compliance and engineering teams
- Create and execute phishing campaigns inclusive of ongoing review/analysis/risk prioritization of authentic phishing emails
- Support Vendor Management activities to ensure security standards are adhered to
You Should Have:
- 8+ years of developer experience, with at least 3 of those years specialized in security vulnerability management
- Proficiency with Ruby on Rails and React
- Proven experience in mobile application development (IOS/Android)
- Direct experience with enterprise server platforms, virtualized technology and cloud operations (AWS, Docker)
- Expertise in employing analytics/threat intelligence techniques, incident response process and software security
- Deep knowledge of compliance and privacy management across North America and Europe
- Experienced in the use of the development and testing tools with strong knowledge of networking security
- Excellent communicator capable of explaining vulnerabilities and weaknesses and discussing effective defensive techniques to technical/non-technical team members
Nice to have:
-
Programming experience in
-
unix/mac,javascript/ruby/shell
-
reactjs/react-native/graphq/rest/rails/sidekiq/postgres/couchdb/redis
-
stripe/heroku/aws/github/rubymine
Powered by JazzHR
6v75ds0EPt
About atVenu
atVenu is the world’s leading Live Event Commerce platform for live events. Continuously building and enhancing features designed for maximizing revenue, dynamically adjusting your sales footprint to meet the needs of your event, and making it easier to setup, manage, and monitor sales in real-time. atVenu's platform is used at over 125,000 events each year and trusted by some of the largest companies in the industry.
We're built to quickly deploy, take all forms of payment including RFID and promotions both online and 100% offline, along with concierge service capabilities and mobile ordering.
Our technology combines an advanced backend system specifically built to handle the unique challenges of running live events with a seamless front-end point of sale with mobile order purchasing.
Don't trust us? Ask one of our customers.
Similar jobs you might like
About the role
**Senior Application Security Developer
Reports To:** Development Manager, Engineering & Security
About the Job: With atVenu's accelerated growth, we need a Senior Application Security Developer to join the team. The successful candidate will be an adept Rails/React developer who enjoys looking backwards, refactoring legacy code to fix vulnerabilities, while keeping an eye towards the future, developing new infrastructure features. They will have a familiarity with PCI, GDPR and SOC2 compliance/regulatory standards, and will have a keen interest in staying abreast of emerging security threats. They will be considered a subject matter expert in the field of software security on a busy engineering team. Experience leveraging AI tools in software engineering and security would be nice to have.
Our Tech Stack:
- Front End: React Native, React, JavaScript
- Backend: Ruby, Rails, GraphQL, PostgreSQL, Redis, CouchDb
- Cloud Platform: AWS
- Tools: GitHub, Sidekiq, Docker
You Will:
- Help shape our maturing security vulnerability management program, in support of our PCI DSS and SOC2 security compliance obligations
- Participate in vulnerability assessments, security audits, penetration tests and resolution of any findings
- Complete security code reviews with the use of scanning tools and manual inspection
- Support incident response and architecture review processes when application security expertise is required
- Integrate threat modeling practices into the product development life cycle
- Review/analyze security logs/reports from a variety of sources; propose/implement recommendations for improvement
- Conduct real time tactical management of security events in collaboration with the compliance and engineering teams
- Create and execute phishing campaigns inclusive of ongoing review/analysis/risk prioritization of authentic phishing emails
- Support Vendor Management activities to ensure security standards are adhered to
You Should Have:
- 8+ years of developer experience, with at least 3 of those years specialized in security vulnerability management
- Proficiency with Ruby on Rails and React
- Proven experience in mobile application development (IOS/Android)
- Direct experience with enterprise server platforms, virtualized technology and cloud operations (AWS, Docker)
- Expertise in employing analytics/threat intelligence techniques, incident response process and software security
- Deep knowledge of compliance and privacy management across North America and Europe
- Experienced in the use of the development and testing tools with strong knowledge of networking security
- Excellent communicator capable of explaining vulnerabilities and weaknesses and discussing effective defensive techniques to technical/non-technical team members
Nice to have:
-
Programming experience in
-
unix/mac,javascript/ruby/shell
-
reactjs/react-native/graphq/rest/rails/sidekiq/postgres/couchdb/redis
-
stripe/heroku/aws/github/rubymine
Powered by JazzHR
6v75ds0EPt
About atVenu
atVenu is the world’s leading Live Event Commerce platform for live events. Continuously building and enhancing features designed for maximizing revenue, dynamically adjusting your sales footprint to meet the needs of your event, and making it easier to setup, manage, and monitor sales in real-time. atVenu's platform is used at over 125,000 events each year and trusted by some of the largest companies in the industry.
We're built to quickly deploy, take all forms of payment including RFID and promotions both online and 100% offline, along with concierge service capabilities and mobile ordering.
Our technology combines an advanced backend system specifically built to handle the unique challenges of running live events with a seamless front-end point of sale with mobile order purchasing.
Don't trust us? Ask one of our customers.