Application Security Engineer

2 weeks ago

Pullman, United States CDW Full time
Who We Are:

SiriusXM and its brands (Pandora, SiriusXM Media, AdsWizz, Simplecast, and SiriusXM Connect) are leading a new era of audio entertainment and services by delivering the most compelling subscription and ad-supported audio entertainment experience for listeners -- in the car, at home, and anywhere on the go with connected devices. Our vision is to shape the future of audio, where everyone can be effortlessly connected to the voices, stories and music they love wherever they are.

This is the place where a diverse group of emerging talent and legends alike come to share authentic and purposeful songs, stories, sounds and insights through some of the best programming and technology in the world. Our critically-acclaimed, industry-leading audio entertainment encompasses music, sports, comedy, news, talk, live events, and podcasting. No matter their individual role, each of our employees plays a vital part in bringing SiriusXM's vision to life every day.

SiriusXM is the leading audio entertainment company in North America, and the premier programmer and platform for subscription and digital advertising-supported audio products. SiriusXM's platforms collectively reach approximately 150 million listeners, the largest digital audio audience across paid and free tiers in North America, and deliver music, sports, talk, news, comedy, entertainment and podcasts. Pandora, a subsidiary of SiriusXM, is the largest ad-supported audio entertainment streaming service in the U.S. SiriusXM's subsidiaries Simplecast and AdsWizz make it a leader in podcast hosting, production, distribution, analytics and monetization. The Company's advertising sales organization, which operates as SiriusXM Media, leverages its scale, cross-platform sales organization and ad tech capabilities to deliver results for audio creators and advertisers. SiriusXM, through SiriusXM Canada Holdings, Inc., also offers satellite radio and audio entertainment in Canada. In addition to its audio entertainment businesses, SiriusXM offers connected vehicle services to automakers.

How you'll make an impact:

The Application Security Engineer will join the security organization to support SiriusXM technology objectives. The ideal candidate has a passion for finding opportunities and inspiration to solve security challenges and will do so by providing tools, guidance, context and continuous support to ensure the security success of our software and applications.

What you'll do:
  • Build and document security features to enable developers to write secure code.
  • Facilitate the implementation and continual improvement for a secure SDLC.
  • Secure tool creation, enabling security by default by building security and tooling into the software development process, conducting regular audits and tests to identify risks and prioritizing fixes.
  • Drive the technical implementation of our security solutions by providing necessary guidance and technical leadership to the SiriusXM engineering community.
  • Develop and improve the Application Security capabilities of SiriusXM by continually designing runbook procedures and expanding the scope and capabilities of security tools.
  • Consulting and systems development responsibilities for needs brought to the Application Security team by the business.
  • Write and design SDKs, containers images, guardrails, and testing suites.
  • Design, implementation, facilitation, and maintenance of tooling and frameworks to make adoption of security guardrails and best practices easier for developers when working in our code bases.
  • Participate in the design and implementation of applications, services, and infrastructure to ensure security and privacy design principles are being followed by performing security reviews and threat modeling.
  • Work within a collaborative team to develop scripts and software to solve for security automation and development needs.
  • Aid in secure code reviews, focused on security bug reduction.
  • Develop documentation, training, and security baselines to inform and educate the engineers, IT practitioners and developers on best practices.
  • Deploy, manage, and tune infrastructure used to protect our applications from common vulnerability exploitation, account takeover, and denial of service attacks.
  • Triage, escalate, and remediate vulnerabilities found as part of our vulnerability management program, bug bounty program and discovered in enterprise penetration tests.
  • Work with the product management teams to prioritize fixes for vulnerabilities and work with engineering teams to understand how to fix these issues.
  • Conducting root cause analysis of security findings to develop systematic improvements to develop processes, tooling, and security checks.
  • Fixing vulnerabilities, building in security telemetry/instrumentation, and adding security features to our products/applications.
  • Participate with the architecture and planning for company-wide security efforts.
  • Form a strong relationship with developer teams and serve as point of contact and security SME for questions arising around secure development.
  • Actively participate in all facets of the incident response lifecycle.
What you'll need:
  • 3+ years of software development experience, 2+ years of security (direct or adjacent) experience.
  • Proficient in at least one primary development language (preferably Python and Java/Scala).
  • Some experience with mobile application security preferred (Kotlin and Swift).
  • Experience with internal development for identity management, Cognito, OIDC, SAML, and SSO integration development.
  • Experience with AWS and/or GCP.
  • Experience calling REST and/or GraphQL APIs.
  • Experience administering application security tools such as SAST, SCA, DAST.
  • Knowledge of OWASP classifications and how to implement security checks for these vulnerabilities.
  • Ability to understand security code reviews.
  • Understanding of continuous integrations, testing, and delivery.
  • Ability to discover, document and fix security bugs.
  • Experience using Git and related, development processes in a professional setting.
  • Knowledge of JIRA (Issue/bug tracking), Confluence.
  • Experience writing educational documentation or knowledge bases.
  • Security mindset, self-starter, and ability to operate independently.
  • Be an organized and responsive problem solver.
  • Excellent oral/written presentation skills with the ability to teach and communicate effectively to developers and leadership.
  • Passionate about understanding complex systems.
  • Eager to learn, adapt, and improve your work.
  • Must have legal right to work in the U.S.


At SiriusXM, we carefully consider a wide range of factors when determining compensation, including your background and experience. These considerations can cause your compensation to vary. We expect the base salary for this position to be in the range of $64,700 to $131,300 and will depend on your skills, qualifications, and experience. Additionally, this role might be eligible for discretionary short-term and long-term incentives. We encourage all interested candidates to apply.

Our goal at SiriusXM is to provide and maintain a work environment that fosters mutual respect, professionalism and cooperation. SiriusXM is an equal opportunity employer that does not discriminate on the basis of actual or perceived race, creed, color, religion, national origin, ancestry, alienage or citizenship status, age, disability or handicap, sex, gender identity, marital status, familial status, veteran status, sexual orientation or any other characteristic protected by applicable federal, state or local laws.

The requirements and duties described above may be modified or waived by the Company in its sole discretion without notice.
R-2024-07-87

  • Data Security Analyst Security Operations

    7 days ago

    Pullman, United States Washington State University Full time

    Data Security Analyst Security Operations Online applications must be received before 12:00am on: September 16, 2024 If a date is not listed above, review the Applicant Instructions below for more details. Available Title(s): 1355-NN_ADMINPRO - Information Technologies Consultant Business Title: Data Security Analyst - Security Operations Employee...

  • Fundraising Leader

    2 weeks ago

    Pullman, Washington, United States InsideHigherEd Full time

    About the OpportunityWe are seeking a passionate and driven Fundraising Leader to join our team. In this role, you will play a vital part in securing financial resources to support the impactful work of our engineering and architecture programs.Your ResponsibilitiesDevelop and execute comprehensive fundraising strategies to cultivate relationships with...

  • Junior Electrical Systems Engineer

    2 weeks ago

    Pullman, Washington, United States Schweitzer Engineering Laboratories, Inc. Full time

    Schweitzer Engineering Laboratories (SEL) Infrastructure Defense Division is on the lookout for a skilled individual to fill a position at the Associate to Engineer level, with a focus on Electrical Engineering. The work we engage in is among the most intriguing, demanding, and fulfilling within the engineering sector.Note: United States Citizenship is...

  • Information Security Specialist – Operations

    2 weeks ago

    Pullman, Washington, United States InsideHigherEd Full time

    Application Deadline: Please ensure your application is submitted on time.Position Overview:As a Data Security Analyst within the Information Security Services, your primary responsibilities will encompass:Enhancing the institution's information security posture by protecting the online activities of students, faculty, and staff.Innovating and executing...

  • Information Security Operations Specialist

    2 weeks ago

    Pullman, Washington, United States InsideHigherEd Full time

    Application Deadline: Please ensure your application is submitted before the specified deadline.Position Overview:As a Data Protection Analyst within the Information Security Services, your primary duties will encompass:Enhancing the institution's information security framework by protecting the online activities of students, faculty, and staff.Innovating...

  • Information Security Consultant – Operations

    2 weeks ago

    Pullman, Washington, United States InsideHigherEd Full time

    Application Deadline: Please ensure your application is submitted on time.Position Overview:As a Data Security Analyst within the Information Security Services team, your primary focus will be on:Enhancing the institution's information security posture by protecting the online activities of the academic community.Developing and executing innovative processes...

  • Mechanical Engineering Technician

    2 months ago

    Pullman, United States ADDIUM, Inc. Full time

    Job DescriptionJob DescriptionSalary: $28 - $35 - per hourJob Title: Mechanical Engineering TechnicianDepartment: Hardware DevelopmentReports to: Engineering DirectorLocation: Pullman, WAJob Summary:We are seeking a proactive Mechanical Engineering / Manufacturing Engineering Technician to support our hardware development team. The ideal candidate will be a...

  • Data Security Analyst – Cybersecurity Operations

    3 days ago

    Pullman, Washington, United States InsideHigherEd Full time

    About the RoleWe are seeking a highly skilled Data Security Analyst to join our team at InsideHigherEd. As a Data Security Analyst, you will play a critical role in protecting our organization's sensitive information and ensuring the security of our systems and networks.Key ResponsibilitiesEnhance Information Security: Safeguard online activities of...

  • Substation Design Engineer

    3 months ago

    Pullman, United States Electrical Consultants, Inc. Full time

    Job DescriptionJob DescriptionElectrical Consultants, Inc. (ECI) is a leading power engineering consultant firm that provides engineering, system planning and studies, technical consultation, project management, surveying, environmental planning, commissioning/testing and construction services to electric utilities, renewable energy developers and...

  • Associate Engineer

    4 months ago

    Pullman, United States Schweitzer Engineering Laboratories, Inc. Full time

    As you draw closer to earning your degree, youre faced with difficult decisions about your career. The pressure is mounting youre expected to know where to go and what to do. What if there was a way to gain technical experience, build your profess Engineer, Associate, Program, Application Engineer, Technology, Benefits

  • Substation Design Engineer

    4 days ago

    Pullman, Washington, United States Electrical Consultants, Inc. Full time

    Job SummaryWe are seeking a highly skilled Substation Design Engineer to join our team at Electrical Consultants, Inc. (ECI). As a key member of our design team, you will be responsible for the conceptual, preliminary, and final detailed design of new, upgraded, and expanded substations.Key ResponsibilitiesDevelop and deliver physical, electrical, civil, and...

  • Associate Power Engineer

    3 weeks ago

    Pullman, United States Schweitzer Engineering Laboratories (SEL) Full time

    As an Associate Power Engineer, a typical day might include the following: Further develop and maintain a detailed understanding of electric power systems and how to protect, monitor, and control the power system.Assist in developing product specifications, develop and analyze functional tests.Assist with application literature, instruction manuals, and data...

  • Associate Professor in Electrical Engineering

    2 weeks ago

    Pullman, Washington, United States Washington State University Full time

    Position Overview:The School of Electrical Engineering and Computer Science at Washington State University is seeking candidates for two full-time, continuous associate professor roles in the field of Electrical Engineering. These positions are designed for individuals with a strong commitment to teaching and research.Key Responsibilities:Deliver...

  • Associate Professor in Electrical Engineering

    2 weeks ago

    Pullman, Washington, United States Washington State University Full time

    Position Overview:The School of Electrical Engineering and Computer Science at Washington State University is seeking applications for two full-time, continuous, career-track associate professor roles in the field of Electrical Engineering. These positions are designed for candidates with a strong commitment to teaching and research.Responsibilities:Teach...

  • Associate Professor in Electrical Engineering

    2 weeks ago

    Pullman, Washington, United States Washington State University Full time

    Position Overview:The School of Electrical Engineering and Computer Science at Washington State University is seeking applications for two full-time, continuous, career-track positions at the Associate Professor level in the field of Electrical Engineering.Key Responsibilities:Deliver undergraduate courses with a focus on curriculum innovation.Engage in the...

  • Associate Professor in Electrical Engineering

    2 weeks ago

    Pullman, Washington, United States Washington State University Full time

    Position Overview:The School of Electrical Engineering and Computer Science at Washington State University is seeking candidates for two full-time, career-track associate professor roles in the field of Electrical Engineering. These positions are designed for individuals with a strong commitment to teaching and research.Key Responsibilities:Deliver...

  • Associate Professor in Electrical Engineering

    2 weeks ago

    Pullman, Washington, United States Washington State University Full time

    Position Overview:The School of Electrical Engineering and Computer Science at Washington State University is seeking candidates for two full-time, continuous associate professor roles in the field of Electrical Engineering. These positions will focus on different areas of expertise: one will emphasize teaching in signal processing, circuit theory, and...

  • Substation Project Engineer

    4 days ago

    Pullman, Washington, United States Electrical Consultants, Inc. Full time

    Job SummaryWe are seeking a highly skilled Substation Project Engineer to join our team at Electrical Consultants, Inc. (ECI). As a key member of our project team, you will be responsible for the conceptual, preliminary, and final detailed design of new, upgraded, and expanded substations.Key ResponsibilitiesDevelop and deliver physical, electrical, civil,...

  • Electronics Engineering Intern

    2 weeks ago

    Pullman, Washington, United States Schweitzer Engineering Laboratories, Inc. Full time

    As an Electronics Engineering Intern, you will support a dedicated hardware team responsible for the design and upkeep of hardware systems for automation solutions.Your responsibilities as an Electronics Engineering Intern may include: Assisting in the design of electronic circuits, utilizing CAD software for analysis and simulation, as well as hands-on...

  • Energy Systems Engineer

    2 weeks ago

    Pullman, Washington, United States Washington State University Full time

    Position Title: Energy Systems EngineerEmployee Type: Administrative Professional (+) (Fixed Term)Time Type: Full timePosition Overview:The Energy Systems Engineer is responsible for the conception, proposal, development, budgeting, and management of the delivery of technical products for commercial and industrial programs. This role requires collaboration...