About Kustomer
Kustomer is the industry leading conversational CRM platform perfecting every customer experience. Built with intelligent tools such as AI and Automation, no code-configuration and a connected data platform that unifies data from multiple sources through a single timeline, Kustomer empowers businesses to operate with greater efficiency and deliver more personalized service to customers across any channel, making every interaction more meaningful and memorable. Today, Kustomer is the core platform for some of the leading customer service brands like Ring, Glovo, Away Travel, Priceline and Sweetgreen.
Kustomer was founded in 2015 by serial entrepreneurs Brad Birnbaum and Jeremy Suriel and has raised over $200M in funding backed by leading VCs. Meta announced its intention to acquire Kustomer in 2020 and completed the transaction in 2022. Kustomer joined Meta’s Business Messaging Group to transform the way people and businesses communicate through modern messaging channels. In 2023, Kustomer spun out from Meta as a standalone company backed by original partners, Battery, Redpoint and Boldstart Ventures, who have invested $60M in capital, ensuring Kustomer’s growth and success for many years to come.
Our Krew is made up of passionate and collaborative people who really care about what they do and the people they help. We look for people who are passionate about enhancing the customer service experience for everyone involved, as it's the core of what we do. We're growing our business with no plans of slowing down. We actively seek individuals who want to learn and be challenged every day. We have also transitioned to a remote friendly company, with Krew members located throughout the U.S. coming together for Kamp Kustomer each year.
About the Role
Kustomer is looking for an experienced Application Security Engineer to ensure that our applications are designed and implemented to the highest standards in order to maintain and enhance customer trust. You will participate in security audits, risk analysis, vulnerability testing and security reviews.
What You'll Do
- Establish DevSecOps practices throughout the organization and encourage a culture of security.
- Work closely with development teams to ensure that security is integrated into the development lifecycle, from design to deployment. (CI/CD)
- Collaborate with operations teams to ensure that systems are properly configured and monitored for security.
- Educate stakeholders on the benefits of DevSecOps practices and help them understand the importance of security in the development process.
- Demonstrate expertise with Amazon and Google cloud environments.
- Work with security professionals to ensure that our systems are compliant with regulatory and industry standards. (SOC2/ISO27001/HIPAA/GDPR)
- Coordinate and collaborate with multiple teams to ensure the confidentiality, integrity, and availability of assets that meets business needs
- Perform other security-related projects that may be assigned according to skills
- Automate AWS/GCP infrastructure to stay up-to-date with the latest security threats, vulnerabilities, and best practices.
- Perform manual and/or automated secure code reviews
- Stay up to date and informed on emerging cybersecurity threats and software development best practices
- Conduct tool evaluations and build proof of concepts
Your Qualifications
- 8+ Years of Application Security Engineer Experience
- Team player with strong work ethic with attention to detail
- Excellent written, verbal, and consultative skills (e.g., professionalism, collaboration, negotiation, conflict resolution, quick learner, etc.)
- Good Interpersonal skills that demonstrate the ability to communicate with both technical and non-technical personnel in cross-functional teams to influence decision making
- Exceptional analytical and problem-solving skills with a history of learning and adapting quickly
- Application Security (AppSec) domain knowledge/experience, including manual source code review, analyzing DAST/SAST scan results, application penetration testing, and a solid understanding of software development frameworks, IDEs, languages, and supporting technologies.
- Understanding Center for Internet Security (CIS) benchmarks and how to apply them to cloud-based workloads.
- Solid understanding of DevSecOps principles, CI/CD pipelines, and automation tools
- Knowledge of security within cloud environment, especially around networking, security and administration
HIPAA Compliance
All roles at Kustomer may involve handling sensitive personal data.
Benefits
Kustomer offers an array of benefits including competitive salaries, stock options, 100% healthcare coverage, 401K, WiFi and Mobile reimbursement, and a generous vacation policy.
Diversity & Inclusion at Kustomer
Kustomer is committed to bringing together individuals from different backgrounds and perspectives.
We strive to create an inclusive environment where everyone can thrive, feel a sense of belonging, and do great work together.We are proud to be an equal opportunity employer open to all qualified applicants regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, Veteran status, or any other legally protected status.
Disclaimer: Kustomer only contacts candidates from company email addresses ending in kustomer.com and does not seek funds from candidates in any circumstances.
#J-18808-Ljbffr