Senior Application Security Analyst

Q2

(Austin, Texas)

Full Time

Job Posting Details

About Q2

Q2 is focused on empowering returns on relationships for community-centered financial institutions and their consumer and commercial account holders. We do this with the most comprehensive, secure and adaptable smart banking platform of its kind, designed to deliver a compelling, consistent user experience on any device and enable customers to deliver secure, innovative services and increasingly, to generate new sources of revenue.

Summary

Q2 is seeking a Senior Application Security Analyst who is passionate about securing innovative products that scale to 400+ financial institutions. The Sr. Application Security Analyst will interact with stakeholders across Engineering, QA, DevOps, IT, Operations, and Product Management. If you enjoy working in a highly collaborative environment and approach every day with a burning passion for building and breaking systems, then Q2 wants you!

Responsibilities

* Build a cross-functional group of Security-minded Engineers to amplify the infusion of Security into Q2’s application product portfolio.
* Evangelize “Hack Yourself First” to build more resilient and secure systems.
* Perform end-to-end testing of Q2’s web and mobile platforms.
* Own the vulnerability management lifecycle from identification to remediation to reporting.
* Perform code reviews and threat modeling alongside your Q2 Dev brethren.
* Participate in internal user acceptance testing and test case creation for new product releases and enhancements.
* Evaluate, implement, and leverage commercial and open-source tools to achieve test automation.
* Conduct Security research to keep abreast of latest attack techniques and the evolving threat landscape.
* Educate financial institutions on their Security findings.
* Participate in monthly oversight meetings with Chief Security Officer to provide transparency and visibility into the critical and high vulnerabilities, development challenges, and roadmap direction.

Build a cross-functional group of Security-minded Engineers to amplify the infusion of Security into Q2’s application product portfolio.
Evangelize “Hack Yourself First” to build more resilient and secure systems.
Perform end-to-end testing of Q2’s web and mobile platforms.
Own the vulnerability management lifecycle from identification to remediation to reporting.
Perform code reviews and threat modeling alongside your Q2 Dev brethren.
Participate in internal user acceptance testing and test case creation for new product releases and enhancements.
Evaluate, implement, and leverage commercial and open-source tools to achieve test automation.
Conduct Security research to keep abreast of latest attack techniques and the evolving threat landscape.
Educate financial institutions on their Security findings.
Participate in monthly oversight meetings with Chief Security Officer to provide transparency and visibility into the critical and high vulnerabilities, development challenges, and roadmap direction.

Ideal Candidate

Experience & Knowledge:

Bachelor’s degree in Computer Science, Engineering, Computer Security, Information Systems, or related field.
2+ years of hands-on .NET or Java development.
Continuous integration/deployment tools (e.g., Bitbucket, Stash,Git, Github, Jenkins, etc.).
Web and mobile penetration testing and vulnerability research.
Static and dynamic application security testing (SAST and DAST).

Certifications: