Security Engineer

nCino offers exciting career opportunities for individuals who want to join the worldwide leader in cloud banking. As a Security Engineer, you will be an essential part of a high-performing Agile engineering team that is responsible for ensuring proper security controls are in place for internal and 3rd party applications. You will perform application security testing (web, mobile, etc.), code reviews, automation, threat modeling and research to reduce risk to nCino and scale with the growth of the company. The ideal candidate has a hacker's mindset, experience with popular penetration testing tools, a strong Agile security background, and will thrive in a hands-on, focused, productive and team-oriented environment. ResponsibilitiesAct as a subject matter expert on application security domains involving web, mobile, and additional platformsDemonstrate the ability to independently problem solve and research solutions Develop secure code practices and provide hands-on training to developers Provide careful code reviews and ensure security and privacy-related code standards are implemented by team membersUnderstand the business domain, data model, and design of the code base for the nCino product Maintain a deep knowledge of the technologies (languages, frameworks, etc.) used within nCino’s product solutionsMaintain a deep knowledge of the craft of coding and designPerform design reviews and threat modelingBuild new tooling (secure development lifecycle tooling, vulnerability management, etc.)Guide design sessions, ensuring the security of the selected approach and driving understanding and ownership across teammatesFacilitate communication and collaboration inside and outside the teamAdvise Product Owners on the complexity, risk, and time required to complete security aspects of development projectsTriage incoming vulnerability reportsMentor team membersQualificationsRequired:Bachelor’s degree in Information Security, Computer Science, Electrical Engineering, or a related field or equivalent professional experience2+ years experience or combination experience and educationExperience with at least one OOP language: Java, C#, C++, Apex, PHP, Ruby, Scala, PythonFamiliar with exploiting application security vulnerabilities including cross-site scripting, cross site request forgery, SQL injection, DoS attacks, XML/SOAP, API attacks, and more.Demonstrated commitment to quality and continuous improvementExcellent verbal and written communication skills for technical and non-technical audiences Desired:Secure code review experience (Java, Javascript, Python) Relevant Information security certifications. (Burp Suite Certified Practitioner, GWAPT, GPEN, OSCP, OSCE, OSWE, CEH, etc) Familiar with client-side JavaScript frameworks like Angular, React, etc. Experienced in Agile/SCRUM and TDD development methodologies Experience developing or testing on the Salesforce Platform, iOS and Android, Amazon Web Services (AWS), Azure, or other hosting platforms Passion for secure development practicesCollaboration, prioritization, and adaptability skills If you thrive in a high-energy, entrepreneurial environment, we invite you to share your passion, ideas and excitement at nCino. nCino provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran status, disability, genetics or other protected groups. In addition to federal law requirements, nCino complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.nCino is committed to the full inclusion of all qualified individuals. As part of this commitment, nCino will ensure that persons with disabilities are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact us at recruiting@ncino.com. Our commitment to inclusion and equality includes a strong belief that the diversity of our team is instrumental to our success.  We strive to create workplaces where employees are empowered to bring their authentic selves to work.