1+ months

Application Security Technical Lead - Duo Security

Cisco Systems Inc.
Austin, TX 78701
Apply Now
Apply on the Company Site

Duo Logo-web.png


The Application Security team is responsible for ensuring that each engineer at Duo Security is enabled & supported throughout the Secure Development Lifecycle (SDL) to build security-resilient software. Whether for internally built technologies that help to engineer the business, or to delight our customers with innovative products & services, Duos Application Security team provides its capabilities across the entire business unit to reduce overall risk.

What youll do

  • Lead various types of Application Security technical initiatives to assist in furthering the maturity and security posture of Duo and its products.
  • Work closely with teams, people, and leaders outside of AppSec to build positive relationships.
  • Provide security guidance on feature designs and specifications
  • Work closely with engineers on identifying and providing guidance on risk by reviewing architecture and implementation artifacts.
  • Perform code reviews and audits of new and existing features.
  • Identify and implement new ways that we can validate the security of Duo products and its development practices at scale.
  • Support product security incident response escalations, coordinate 3rd-party security assessments, provide ad-hoc technical security expertise to product, sales, & engineering teammates.
  • Research, build and implement tools, libraries & frameworks that aid developers in writing secure code.

Skills you have

  • You have a strong understanding of many vulnerability classes and how they occur across a variety of languages including Python, Javascript, Java, C, C#, and Objective-C. An expertise in one or more of those languages is highly desirable.
  • Youre comfortable manually auditing code for vulnerabilities and using both commercial and custom static & dynamic code analysis tools (e.g. burpsuite, bandit, dlint)
  • You are able to mentor and be mentored on security practices, controls and bring an influential flair to your audience whether it is one on one, during a presentation, or workshop.
  • You understand security engineering principles, and how to seriously consider when a best practice may not be, in fact, the best choice or positively impact actual security and our customers.
  • Have been a part of a PSIRT team or have a solid understanding of the concepts and methodology

4 Reasons why you should apply

  • Youre excited to be part of building an ever-maturing application security program that covers the Security Development Lifecycle, from training through incident response.
  • You love to communicate in a friendly, encouraging manner with software engineers and product managers, helping to not only identify security issues, but also a mentor and advocate on solutions.
  • Youre passionate about security, but understand each control or process has a cost that must be thought about critically, and from the point-of-view of many stakeholders.
  • You want to continuously elevate your skills and the skills of your teammates.

4 Reasons why you SHOULDNT apply.

  • You only find excitement in breaking software. This role requires a broad participation in realizing a world-class application security program that leverages many talents at once.
  • Getting work done quickly is more important than how you present that work. We pride ourselves in detail-oriented, well-written communications -- whether on reports or email.
  • You dont enjoy self-management of many tasks of various priority levels that can shift day-to-day. We value accountability of work that spans across tactical & strategic goals.
  • You are a lone wolf and prefer not to work on a team where collaboration and insight focuses the team for success on a daily basis.

We are Duo, and were here to democratize security for everyone. Our mission is to protect the mission of our customers like Facebook, Twitter, and Etsy by making security simple.

Were a diverse crew of makers and builders, skaters and coders, filmmakers and DJs, teachers and students brought together by a shared belief in adding value to the world. This diversity allows us to bring an empathetic approach to solve some of the most complex global business and security challenges we face today.

Duo is committed to cultivating and preserving a culture of inclusion and connectedness. We are able to grow and learn better together with a diverse team of employees. The collective sum of the individual differences, life experiences, knowledge, innovation, self-expression, and talent that our employees invest in their work represents not only part of our culture, but our reputation and Duos achievement as well. In recruiting for our team, we welcome the distinct contributions that everyone brings in terms of their education, opinions, culture, ethnicity, race, gender identity and expression, nationality, age, languages spoken, veterans status, religion, disability, sexual orientation and beliefs.

And if this role is exciting you, we encourage you to apply even if you dont meet all 100% of the description or qualifications. Finally and most importantly, we are a proud Equal Opportunity Employer.


Posted: 2019-10-25 Expires: 2020-04-25

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Application Security Technical Lead - Duo Security

Cisco Systems Inc.
Austin, TX 78701
Facebook Share
Copy Job URL

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast