security best practices, perform software architecture and design reviews, threat modeling, conduct white box security testing, and support the identification, interpretation, and remediation of vulnerabilities across a variety of applications, programming languages, and platforms with a focus on supporting our GovCloud program.

We are looking for someone with a strong background in information security and a proven ability to deliver under pressure. Position is remote and candidates must be willing to collaborate with team on PST timezone. Requires U.S. Citizenship.

In this role you will…

• Participate in architecture and design reviews with senior Engineering/DevOps staff to incorporate effective security standards into product design
• Design, build & maintain security tools/processes to effectively secure our cloud-based environments (AWS, GovCloud,GCP)
• Implement a program to integrate security into the build/release pipelines to ensure our code is secure before it goes to production
• Conduct white box security testing to assess and validate application security
• Define, maintain and enforce application security best practices and evaluate application security tools to improve our detection and prevention capabilities
• Monitor and track progress of found vulnerabilities and maintain the history
• Explain and demonstrate vulnerabilities to application/system owners, and provide recommendations for mitigation
• Issue reports on assigned application and system scans
• Perform secure code development training to developers, quality assurance personnel and relevant staff

You’ve Got What It Takes If You Have…

• Ability to obtain a security clearance which requires US citizenship
• Bachelor’s degree in an Information Technology related field of study or equivalent post high school education and/or work-related experience
• 4+ years of experience in web or mobile application security
• Experience with STIG and/or CIS
• Knowledge of information security principles, web applications, and a level of familiarity with malicious code and common techniques used by hackers
• Experience with CI/CD practices and tools (Git, Jenkins) and integrating security solutions into CI/CD pipelines
• Experience working on security responsibilities for a SaaS or PaaS solutions, preferably running in AWS.
• Understanding of SAST, DAST, Pen test and Open source vulnerability testing
• Experience with common SDLC tools: static and dynamic code analysis, open source management, threat modeling, etc.
• Experience creating solutions in C#, Python, Node.JS, or Go, and Infrastructure as Code (AWS Cloud Formation)
• Experience with HTML and JavaScript along with a solid understanding of HTTP protocol
• Excellent problem solving and analytical skills; outstanding oral and written communication skills
• Experience coordinating penetration testing activities
• Experience interacting with security vendors and customers
• Self-motivation and the ability to work under minimal supervision are a must
• Excellent at multitasking, and open to constant learning
• Energetic and positive attitude
• Demonstrated commitment to valuing diversity and contributing to an inclusive working and learning environment
• Consideration for privacy and security obligations

An extra dose of awesome if you have…

• Experience working in AWS GovCloud or FedRAMP environment
• Knowledge of microservices architectures
• Basic knowledge of SQL and prior experience with programming in one or more server-side technologies such as ASP.Net. .NET Core or scripting (Python, Shell)
• Thorough understanding of SDLC and software security maturity models such as Building Security In Maturity Model (BSIMM) or OWASP Software Assurance Maturity Model (SAMM)
• Experience conducting secure code development training
• Knowledge of FIPS 140-2 and cryptographic tools

Total Rewards

At Cornerstone, our transparent total rewards program is based on three core tenets: equitable pay, market dynamic research, and skill-based appraisal.

The base salary range for this position is: $115400 - $184600 USD

In addition to competitive base pay, the compensation package for this role may include other incentives like bonus or commission, along with a generous benefits package. Additional base pay may be available if you reside in a high-cost metro area (New York City or San Francisco Bay Area).

This range reflects the minimum and maximum salary for this position. Where an individual’s pay falls within the range is determined by factors including, but not limited to, job-related skills, experience, and relevant education or training.

Our Culture

Our mission is to empower people, businesses and communities. A culture created less by what we do and more by who we are. When people ask what our team is about, we point to our core values: champion customer success, bring our best, achieve together, get stuff done, and innovate every day. We're always on the lookout for new, curious and capable people who can help us achieve our goal and we are seeking diversity in the people who join our team. We want to make sure that our company reflects the demographic of our customers, clients, and the communities in which we operate. So if you want to work for a friendly, global, inclusive and innovative company, we'd love to meet you!

What We Do

Cornerstone is a premier people development company. We believe people can achieve anything when they have the right development and growth opportunities. We offer organizations the technology, content, expertise and specialized focus to help them realize the potential of their people. Featuring comprehensive recruiting, personalized learning, modern training content, development-driven performance management and holistic employee data management and insights, Cornerstone’s people development solutions are successfully used by more than 100 million+ people in 180+ countries and in nearly 50 languages.

Cornerstone takes special care to ensure the security and privacy of the data of its users.

Check us out on LinkedIn , Comparably , Glassdoor , and Facebook !

Equal Employment Opportunity has been, and will continue to be, a fundamental commitment at Cornerstone OnDemand. All qualified applicants are given consideration regardless of race, religion, color, gender, sex, age, sexual orientation, gender identity, national origin, marital status, citizenship status, disability, veteran status, or any other protected class as provided in applicable Federal, State, or Local fair employment laws. If you have a disability or special need that requires accommodation, please contact us at careers@csod.com .

Looking for remote jobs near your area? At Yulys, thousands of employers are looking for exceptional talent like yours. Find your perfect fit now.