Senior Security Engineer

Senior Application Security Engineer

Bogota, Colombia

*ONLY CVs SUBMITTED IN ENGLISH WILL BE CONSIDERED*

The Opportunity:

We’re looking for a Senior Application Security Engineer to help us push the boundaries of what education can offer through the power of technology. Education is our passion, and our team members bring that to work each day as they aim to advance learning in every region of the world. Blackboard is the world's leading education technology company, providing dynamic products and services to the global education community. We’re focused on driving innovation in EdTech and working with our clients to create a smarter learning environment.   

At Blackboard, we believe in the power of a truly diverse and inclusive workforce. As we expand globally, we are committed to making diversity, inclusion, and belonging a foundational part of not only our hiring practices, but who we are as a company.

For more information about Blackboard Inc. and our career opportunities, please visit www.blackboard.com. 

As a Senior Application Security Engineer, you will be a seasoned professional contributor who works independently with limited supervision. You will provide leadership to other team members and contribute to the strategic planning of our Application Security program. You will work closely with development teams, product managers (PM), and third-party groups (including the paid bug bounty program) to influence others regarding policies, practices, and procedures.

Primary responsibilities will include:

• Performing Web Application, API and Mobile Security Testing using both Manual and Automated Penetration Testing Methodologies
• Proactively identifying potential vulnerabilities through manual testing
• Supporting the bug bounty program by reviewing incoming vulnerability reports and reproducing issues, assessing the severity and impact
• Performing automated scan scenarios to ensure coverage of dynamic functionalities
• Learning and developing secondary expertise in Blue Team activities other than regular Red Team activity
• Performing automation via code development and scripting
• Identifying remediation strategies and supporting implementation for vulnerabilities in products
• Staying abreast of newer trends in tools and technologies used for web application security

The Candidate:

Required skills/qualifications:

• Hands-on experience with testing frameworks in line with Web Applications, Mobile Applications, Web Services/APIs, Thick-client, Network and Cloud (AWS preferred)
• Experience in both commercial and open-source tools like Burp Professional, Nmap, Kali, Metasploit, Fortify on Demand, etc.
• Experience preparing a security threat model and associated test plans
• Experience with performing penetration testing as per OWASP Top 10, SANS Top 25, WASC, NIST or SANS Security Guidelines
• Ability to prioritize tasks and deliverables and manage dynamic priorities
• Knowledge of current information security threats
• Understanding of coding best practices and standards
• Knowledge of application development processes and at least one programming or scripting language
• Fluency in written and spoken English at CEF B2 level or above

Preferred skills/qualifications:

• Experience with CI/CD implementation processes and integration of security tools with build automation tools
• Good communication skills both written and oral
• Critical thinking and problem-solving abilities
• Organized planning and time management skills
• Bachelor's degree or equivalent experience in Security
• Certification on CEH (Certified Ethical Hacker) or OSCP (Offensive Security Certified Professional)

To ensure the safety and wellbeing of our employees during the COVID-19 pandemic, Blackboard positions are currently remote (where possible).

The Office: 
Blackboard has an office located in Bogota, Colombia as a hub for the LAC market.     

• Located in Capital Towers center in the financial district  
• Excellent and secure area to eat lunch, have a walk, or dine after office hours   
• Benefits in prepaid medicine  
• Easy access to public transportation close to two important avenues, Carrera 7 and Calle 100  
• Free bike parking for employees and paid bike parking for visitors   
• Multiple private spaces for virtual and face-to-face meetings  
• Regular events like bring your dog to work day and ping-pong, foosball, and Mario Kart tournaments   
• Sodexo card provided for employees  
• Learn more about the Bogota office culture by checking out our Facebook page  

This job description is not designed to contain a comprehensive listing of activities, duties, or responsibilities that are required. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities at any time.

Blackboard is an equal employment opportunity/affirmative action employer and considers qualified applicants for employment without regard to race, gender, age, color, religion, national origin, marital status, disability, sexual orientation, gender identity/expression, protected military/veteran status, or any other legally protected factor.