Software Engineer - Security

nCino offers exciting career opportunities for individuals who want to join the worldwide leader in cloud banking.

As a Security Engineer, you will be an essential part of a high-performing Agile engineering team that is responsible for ensuring proper security controls are in place for internal and 3rd party applications. You will perform application security testing (web, mobile, etc.), code reviews, automation, threat modeling and research to reduce risk to nCino and scale with the growth of the company. The ideal candidate has a strong Agile security background and will thrive in a hands-on, focused, productive and team-oriented environment.

Responsibilities:

• Act as a subject matter expert on application security domains involving web, mobile, and additional platforms
• Demonstrate the ability to independently problem solve and research solutions
• Develop secure code practices and provide hands-on training to developers
• Provide careful code reviews and ensure security and privacy-related code standards are implemented by team members
• Understand the business domain, data model, and design of the code base for the nCino product
• Maintain a deep knowledge of the technologies (languages, frameworks, etc.) used within nCino's product solutions
• Maintain a deep knowledge of the craft of coding and design
• Perform design reviews and threat modeling
• Build new tooling (secure development lifecycle tooling, vulnerability management, etc.)
• Guide design sessions, ensuring the security of the selected approach and driving understanding and ownership across teammates
• Facilitate communication and collaboration inside and outside the team
• Advise Product Owners on the complexity, risk, and time required to complete security aspects of development projects
• Triage incoming vulnerability reports
• Mentor team members
• Be a great teammate - carry your load, help out, be flexible and adapt easily to changing product needs based on customers and the market

Qualifications:

Required:

• Bachelor's degree in Information Security, Computer Science, Electrical Engineering, or a related field or equivalent professional experience
• 2+ years experience or combination experience, education, & superior performance
• Experience with at least one OOP language: Java, C#, C++, Apex, PHP, Ruby, Scala, Python
• Familiar with exploiting application security vulnerabilities including cross-site scripting, cross site request forgery, SQL injection, DoS attacks, XML/SOAP, API attacks, and more.
• A hacker's mindset and experience with popular penetration testing tools
• Demonstrated commitment to quality and continuous improvement
• Excellent verbal and written communication skills for technical and non-technical audiences

Desired:

• Secure code review experience (Java, Javascript, Python)
• Relevant Information security certifications. (Burp Suite Certified Practitioner, GWAPT, GPEN, OSCP, OSCE, OSWE, CEH, etc)
• Familiar with client-side JavaScript frameworks like Angular, React, etc.
• Experienced in Agile/SCRUM and TDD development methodologies
• Experience developing or testing on the Salesforce Platform, iOS and Android, Amazon Web Services (AWS), Azure, or other hosting platforms
• Passion for secure development practices
• Collaboration, prioritization, and adaptability skills

If you thrive in a high-energy, entrepreneurial environment, we invite you to share your passion, ideas and excitement at nCino.

nCino provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran status, disability, genetics or other protected groups. In addition to federal law requirements, nCino complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

nCino is committed to the full inclusion of all qualified individuals. As part of this commitment, nCino will ensure that persons with disabilities are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact us at [email protected].

Our commitment to inclusion and equality includes a strong belief that the diversity of our team is instrumental to our success. We strive to create workplaces where employees are empowered to bring their authentic selves to work.