Lead Applications Security Engineer (Product) at Copado
New Orleans, LA 70112
About the Job
About Copado:Copado is the #1 DevOps Platform for Salesforce and the Cloud
We harness the power of native CI/CD and Robotic Testing to drive digital transformation for 1,000+ of the most innovative brands on the planet — from Coca-Cola to eBay to Volkswagen
Our low-code platform unites non-technical admins and pro-code developers on the same system and empowers enterprises to scale end-to-end software delivery across multi-cloud environments. The impact on your business? 20X faster releases, 94% fewer production bugs and 46% more Salesforce ROI
The impact on your team? No more late nights, weekend war rooms or stressful release days.Copado is bringing the Big Easy vibes to our team, and we want you to be part of it! We're excited to announce new remote work opportunities based in the heart of New Orleans
Whether you're a NOLA native, a Tulane or Loyola alum missing those beignet breakfasts, or just someone looking to add some jazz to your career, we've got a spot for you!How You’ll Make an ImpactSecurity plays a critical role at Copado in building and protecting customer trust
We need your help scaling our security initiatives as Copado expands its product offerings to new markets and customers
You’ll be in charge of Product Security, and be part of a small but mighty Security team, reporting to the Head of Security. What You’ll DoConduct product design reviews, threat modelling, and technical security assessments of products to identify risks and provide security guidanceDrive security architecture best practices across different product linesScale the impact of our team through tooling and automationTrack and drive vulnerability remediation across our code base and cloud infrastructurePartner with engineering teams to integrate reproducible security practices into the product development lifecycleCollaborate with Product, Engineering, Legal, IT and other internal stakeholders to provide recommendations for solutions focused on decreasing business riskRepresent product security in our ISO27001, SOC 2, and FedRAMP audits Author security guidelines and documentationThe Critical Competencies / Expertise You’ll Bring With YouCollaborative Communication: You engage and listen empathetically to others, adjusting your communication style to fit the audience and message
You are experienced in communicating with technical and non-technical audiences, leadership, internal and external parties.Mentoring: You enjoy using your knowledge and experience to support and uplevel those around you. Motivated Learner: You learn new technologies, and processes quickly, and understand where and how to look for knowledge when you need it. Holistic Focus: You can get into technical security issues, but you are able to consider the security landscape holistically, factoring in both the business and security context.Data Driven: Experience using data to inform decisions and familiarity with quantified risk.The Experience You’ll Bring With YouDeep understanding of application security best practices, and how those fit into web application architecture and design principlesIn-depth experience identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25.Demonstrated experience in building or up levelling an SDLC program.Strong organizational skills around compiling and disseminating the right amount of information for security issues to different types of audiencesRelevant development experience in programming languages such as: Java, Python, JavaScript / Node.jsHighly Valued, But Not Required:In-depth knowledge of the Salesforce platform, GCP, or AWSExperience with security and compliance frameworks (ISO 27001, SOC 2, FedRAMP)Public speaking engagements or published researchProfessional security certifications (e.g., OSCP, OSCE)You are a fit for Copado if:You’re a confident professional, able to balance competing demands and work independently.You’re energetic and enjoy working in a fast-paced global environment.You are able to undertake international travel - on average circa 1 week a quarter.You’re a jack of all trades, and always looking to learn moreHead-over-heels about this role — but not sure you meet all the requirements? Apply anyway! Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. We have determined a salary range for this position that takes into account several factors including experience, knowledge, education, skills, and abilities
Please note that the salary information is a general guideline only
The exact salary will be determined based on the individual’s qualifications and experience, with consideration given to the factors listed above
All employee benefits include a stake in shared success through stock options, health benefits, 401(k) plan, generous PTO, and a parental leave program.Salary Range (OTE)$200,000—$200,000 USDCopado is Equal Employment Opportunity and Affirmative Action Employers
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status
Copado does not accept unsolicited headhunter and agency resumes
Copado will not pay any third-party agency or company that does not have a signed agreement with Copado.
We harness the power of native CI/CD and Robotic Testing to drive digital transformation for 1,000+ of the most innovative brands on the planet — from Coca-Cola to eBay to Volkswagen
Our low-code platform unites non-technical admins and pro-code developers on the same system and empowers enterprises to scale end-to-end software delivery across multi-cloud environments. The impact on your business? 20X faster releases, 94% fewer production bugs and 46% more Salesforce ROI
The impact on your team? No more late nights, weekend war rooms or stressful release days.Copado is bringing the Big Easy vibes to our team, and we want you to be part of it! We're excited to announce new remote work opportunities based in the heart of New Orleans
Whether you're a NOLA native, a Tulane or Loyola alum missing those beignet breakfasts, or just someone looking to add some jazz to your career, we've got a spot for you!How You’ll Make an ImpactSecurity plays a critical role at Copado in building and protecting customer trust
We need your help scaling our security initiatives as Copado expands its product offerings to new markets and customers
You’ll be in charge of Product Security, and be part of a small but mighty Security team, reporting to the Head of Security. What You’ll DoConduct product design reviews, threat modelling, and technical security assessments of products to identify risks and provide security guidanceDrive security architecture best practices across different product linesScale the impact of our team through tooling and automationTrack and drive vulnerability remediation across our code base and cloud infrastructurePartner with engineering teams to integrate reproducible security practices into the product development lifecycleCollaborate with Product, Engineering, Legal, IT and other internal stakeholders to provide recommendations for solutions focused on decreasing business riskRepresent product security in our ISO27001, SOC 2, and FedRAMP audits Author security guidelines and documentationThe Critical Competencies / Expertise You’ll Bring With YouCollaborative Communication: You engage and listen empathetically to others, adjusting your communication style to fit the audience and message
You are experienced in communicating with technical and non-technical audiences, leadership, internal and external parties.Mentoring: You enjoy using your knowledge and experience to support and uplevel those around you. Motivated Learner: You learn new technologies, and processes quickly, and understand where and how to look for knowledge when you need it. Holistic Focus: You can get into technical security issues, but you are able to consider the security landscape holistically, factoring in both the business and security context.Data Driven: Experience using data to inform decisions and familiarity with quantified risk.The Experience You’ll Bring With YouDeep understanding of application security best practices, and how those fit into web application architecture and design principlesIn-depth experience identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25.Demonstrated experience in building or up levelling an SDLC program.Strong organizational skills around compiling and disseminating the right amount of information for security issues to different types of audiencesRelevant development experience in programming languages such as: Java, Python, JavaScript / Node.jsHighly Valued, But Not Required:In-depth knowledge of the Salesforce platform, GCP, or AWSExperience with security and compliance frameworks (ISO 27001, SOC 2, FedRAMP)Public speaking engagements or published researchProfessional security certifications (e.g., OSCP, OSCE)You are a fit for Copado if:You’re a confident professional, able to balance competing demands and work independently.You’re energetic and enjoy working in a fast-paced global environment.You are able to undertake international travel - on average circa 1 week a quarter.You’re a jack of all trades, and always looking to learn moreHead-over-heels about this role — but not sure you meet all the requirements? Apply anyway! Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. We have determined a salary range for this position that takes into account several factors including experience, knowledge, education, skills, and abilities
Please note that the salary information is a general guideline only
The exact salary will be determined based on the individual’s qualifications and experience, with consideration given to the factors listed above
All employee benefits include a stake in shared success through stock options, health benefits, 401(k) plan, generous PTO, and a parental leave program.Salary Range (OTE)$200,000—$200,000 USDCopado is Equal Employment Opportunity and Affirmative Action Employers
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status
Copado does not accept unsolicited headhunter and agency resumes
Copado will not pay any third-party agency or company that does not have a signed agreement with Copado.