• Lead Application Security Engineer

    Job ID
  • Job Description

    About Cimpress:
    Cimpress N.V. (NASDAQ: CMPR) is the world leader in mass customization. For 20 years, the company has focused on developing software and manufacturing capabilities that transform traditional markets in order to make customized products accessible and affordable to everyone. Cimpress’ portfolio of brands include Cimpress, Albelli, Drukwerkdeal, Pixartprinting and others serve many customer segments across many applications for mass customization. The company produces more than 80 million unique products a year via its network of computer integrated manufacturing facilities.
    Lead Application Security Engineer
    We are seeking a motivated and curious security engineer to provide leadership and guidance in the strategy, design, deployment, and operations of secure systems. The role will require a deep and broad understanding of Cimpress’s architecture and products and the ability to efficiently assess a wide array of threats.
    What you'll do:
    - Perform threat modeling, architecture and source code reviews of our products
    - Design and establish our secure development lifecycle process
    - Penetration test our services and applications
    - Mentor and help grow other application security engineers
    - Build partnerships with other engineering teams, provide training in secure development practices and maintain related resources for their reference
    - Provide detailed guidance and support to teams in vulnerability remediation
    - Implement automated application scanning, static analysis and related tools
    Who we're looking for:
    - Security engineers with deep empathy and a passion for concocting creative security solutions
    - Generalists who enjoy learning new things and have experience bootstrapping into a more specialized and diversified team
    - 7+ years of experience in some combination of the following disciplines: web application security, cloud security, infrastructure security, penetration testing, secure software development, security tools development, architecture review and threat modeling
    - Experience with AWS, Java, Python, Ruby, and other modern open source languages and tools
    Bonus Points for:
    - DAST or SAST experience, OWASP ZAP, Checkmarx, Veracode or equivalent
    - Vulnerability analysis and application reversing skills
    - Understanding of cryptography principles


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply? Connect with us for general consideration.