Senior Application Security Engineer

Posted 7 Hours Ago
Easy Apply
Be an Early Applicant
Pune, Maharashtra
Senior level
Artificial Intelligence • Cloud • Information Technology • Machine Learning • Software
Hybrid Observability powered by AI
The Role
The Senior Application Security Engineer at LogicMonitor will drive and evolve the company's AppSec and Bug Bounty programs. Responsibilities include analyzing, investigating, and validating the security of engineering development applications and improving the bug bounty program.
Summary Generated by Built In

About Us:  

LogicMonitor is the leading fully automated, cloud-based infrastructure monitoring and observability platform for enterprise IT and managed service providers.

We love going to work and think you should too. We are customer obsessed, work as one agile team, and strive to be better every day while building trust. These are our core values. We foster a culture of performance and recognition, allowing us to transform growth as we enable our employees to do the best work of their careers. 

This position is located in Pune. You'll be working in a major tech center of Pune, India.  We call our offices Centers of Energy, because they’re where we accelerate work, spark creativity, and ignite our culture of connection and celebration. Our teams coordinate their time in Centers of Energy to reflect how they work best.  

LogicMonitor is an equal opportunity employer. We deeply care about our employees' well-being, creating an environment where everyone feels valued and respected. We celebrate the diversity of our team and are committed to fostering a culture of inclusivity. When you join LogicMonitor, you're not just an employee to us, but a valued member of our community. Come as you are, be yourself, and let's grow together.

To learn more about life at LogicMonitor, check out our Careers Page.

What You'll Do:

LM Envision, LogicMonitor's leading hybrid observability platform powered by AI, helps modern enterprises gain operational visibility into and predictability across their IT stacks, so they can continue to deliver extraordinary employee and customer experiences. LogicMonitor has a layered approach to intelligence, where AI and Machine Learning is baked into every facet of the LM Envision platform to help IT teams improve efficiency, minimize alert fatigue, proactively predict trends, and maximize enterprise growth and transformation. 

Our customers love LogicMonitor's ability to bring cloud and traditional IT together into one view, as seen in minimal churn rates, expansion business, and exciting new customer references. In fact, LogicMonitor has received the highest Net Promoter Score of any IT Infrastructure Management provider. LogicMonitor also boasts high employee satisfaction. We have been certified as a Great Place To Work®, and named one of BuiltIn's Best Places to Work for the sixth year in a row! 

LogicMonitor’s InfoSec Team is the backbone of trust that our customers depend on day after day.  The Senior Application Security Engineer will help drive and evolve LogicMonitor’s AppSec and Bug Bounty programs. You will be responsible for analyzing/investigating/validating the security of the engineering development owned applications and creating and continuously improving the bug bounty program.  You will work with a global software engineering team, product team, and product security team.

Here's a closer look at this key role:

  • Manage and continuously improve the external bug bounty program, including setting program scope, rules of engagement, and incentives for researchers to participate.
  • Triage reported vulnerabilities from the bug bounty program, prioritize them based on risk and impact assessments, and coordinate with internal development teams for timely resolution.
  • Regularly evaluate the performance and results of the bug bounty program, identify areas for improvement, and implement enhancements to mature the program over time.
  • Collaborate with external bug bounty platforms or vendors to ensure the program's effectiveness and efficiency.
  • Actively engage with external security researchers, fostering a collaborative relationship to encourage their participation in the bug bounty program and to facilitate effective communication throughout the vulnerability disclosure process.
  • Conduct manual verification of security issues identified through automated scans, manual tests or reported by external researchers to validate their severity and impact.
  • Collaborate with cross-functional teams to prioritize and address identified vulnerabilities based on risk and impact assessments.
  • Track and report on the status of vulnerability remediation efforts, including providing regular updates to stakeholders.
  • Stay informed about emerging security threats, industry best practices, and relevant regulations to continuously improve the effectiveness of our vulnerability management program. Experience with Security and Privacy threat modeling new features.
  • Analyze vulnerabilities and proactively target root causes by creating tools for codebase scanning, establishing effective patterns and systems, and enhancing security training for engineers.
  • Assist teams in threat modeling and cultivating a security mindset for their features, leveraging dedicated security expertise to complement the existing skills of our engineers.
  • Investigate user security issues, utilizing product knowledge and logs to understand incidents and proposing improvements to monitoring for quicker detection of similar issues
What You'll Need:
  • 5+ years experience with Application security

  • Experience with application security standards such as OWASP ASVS/Top 10, CWE 25.
  • Experience with common security libraries, security controls, and common security flaws.
  • Outstanding collaboration and partnership skills, with proven ability to drive results across teams.


The Company
HQ: Santa Barbara, CA
1,100 Employees
Hybrid Workplace
Year Founded: 2007

What We Do

LogicMonitor® offers hybrid observability powered by AI. The company’s SaaS-based platform, LM Envision, enables observability across on-prem and multi-cloud environments. We provide IT and business teams operational visibility and predictability across their technologies and applications to focus less on troubleshooting and more on delivering extraordinary employee and customer experiences. For more information, visit www.logicmonitor.com.

Why Work With Us

We love going to work and think you should too. We are customer-obsessed, work as one agile team, and strive to be better every day while building trust. These are our core values. So it's no surprise that we work hard and genuinely have fun working with each other as we expand our global presence and achieve record-breaking success.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

LogicMonitor Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

We call our offices Centers of Energy, because they’re where we accelerate work, spark creativity, and ignite our culture of connection and celebration. Our teams coordinate their time in Centers of Energy to reflect how they work best.

Typical time on-site: Flexible
Company Office Image
Pune, IN
LogicMonitor expanded to India in 2019, and shortly after launched of our Center of Excellence in India, located in a major tech hub in Pune. Across the globe, our Centers of Energy serve as hubs where we accelerate productivity and collaboration, and inspire creativity.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account