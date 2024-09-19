Application Security Business Partner (Application Security Team)
Hi there!
We are Semrush, a global IT company developing our own product – a platform for digital marketers. New stars are born here, so don’t miss your chance.
This is our Application Security Business Partner role for those who strive to implement functional processes and drive them to full completion.
Tasks in the role
Act as the primary point of contact between the application security team and the development teams, building strong partnerships with key stakeholders to promote security first
Collaborate closely with development teams to embed security practices into their workflows and the Software Development Life Cycle (SDLC)
Influence and guide engineering teams to adopt secure coding standards and practices, ensuring security is a foundational aspect of all development projects
Deliver training programs to enhance security awareness and knowledge across development teams
Review and suggest enhancements to existing development processes to increase security and operational efficiency
Establish and track security metrics to measure the effectiveness of security initiatives within the development lifecycle
Who we are looking for
Excellent written and verbal communication skills, capable of articulating complex security concepts in a clear and actionable manner
Familiarity with modern web application development methodologies and workflows
Solid knowledge of core application security principles and best practices
Experience partnering with cross-functional teams to drive security initiatives and integrate security into existing processes
Not required, but a plus
Background in project or program management within a technology or security setting
Experience in developing and delivering security training and awareness programs
Familiarity with security compliance standards and regulatory requirements relevant to application security
Deep understanding of modern web technologies and architectures, with the ability to discuss technical concepts with development teams
You share our common values: Trust, as we prefer to speak up and be our true selves; Sense of Ownership, as it’s not worth wasting time on something you don’t believe in; and enthusiasm for Constant Change, as we are always looking to make things better
A bit about the team
You can get to know the team better at one of the interviews, but some brief information about future colleagues will be useful now.
We are an actively growing security team using modern security approaches and tools. We are proud of the high level of responsibility and results of our work. It motivates us to grow and contribute more to the company's success!
Semrush Security Department contains:
Application Security Team
Infrastructure Security Team
Common Flow & Compliance Team
As Semrush continues to grow, so does our demand for simplifying and automating workflows to meet the needs of our internal teams, partners, and external users.
The Semrush Security Department is a strong team. The famous security researcher Andrey Leonov and other talented guys are with us.
We speak at conferences, hold internal and external events (CTF, meetups), do research work, and train employees on how to find vulnerabilities and defend against them.
The Application Security Team is working on complex and multi-layer software products. As a member of AppSec, you will also be able to participate in building secure software development processes. We are not limited to basic workflows such as DAST and SAST; we focus our efforts on scalable investments in our engineering ecosystem to identify and drive high-impact security initiatives.
We are hiring for a security partner role to support product development at Semrush. In this role, you will work closely with engineering teams, building edge services, platform features, and backend infrastructure.
We are looking for security engineers who can be the voice of security in the defensive initiatives and identify the right security investments to help us build strong security processes.
We will try to create all the right conditions for you to work and rest comfortably
This offer stands for the “hybrid” work format: some days, you work from the office, and some #wfh.
Flexible working day start
Unlimited PTO
Hobby benefit
Breakfast, snacks, and coffee at the office
Corporate events
Training, courses, conferences
Gifts for employees
Finally, a little more about our company
Semrush is a leading online visibility management SaaS platform that enables businesses globally to run search engine optimization, pay-per-click, content, social media and competitive research campaigns and get measurable results from online marketing.
We’ve been developing our product for 16 years and have been awarded G2s Top 100 Software Products, Global and US Search Awards 2021, Great Place to Work Certification, Deloitte Technology Fast 500 and many more. In March 2021 Semrush went public and started trading on the NYSE with the SEMR ticker.
10,000,000+ users in America, Europe, Asia, and Australia have already tried Semrush, and over 1,000 people around the world are working on its development. The Semrush team is constantly growing.
Our new colleague, we are waiting for you!
Semrush is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate based upon race, religion, creed, color, national origin, sex, pregnancy, sexual orientation, gender identity, gender expression, age, ancestry, physical or mental disability, or medical condition including medical characteristics, genetic identity, marital status, military service, or any other classification protected by applicable local, state or federal laws. All employment decisions are based on business needs, job requirements, merit, and individual qualifications.
At Semrush, we take a serious and comprehensive approach to hiring new people. We welcome those who are professionals in their field and passionate about their work to join our team.
A “five-minute interview” or “get a job in three clicks” approach is not the way we work.
During the interview, we ask candidates to talk about themselves and their background in detail. We try to discover the most important aspects about the way someone works and their personality before a job offer is made.
Once the resume is received it will be reviewed by a member of the Talent Acquisition team. We try to provide feedback within three working days.
Flexible approach for an interview format
In order for the online meetings to be productive, we suggest following these tips to make sure you are set up well:
- Join the interview from a laptop or desktop computer (not a smartphone). You may need to print something or present your screen during the interview.
- Please turn on your camera. Visual communication is especially important for us.
- Choose a quiet place to talk. Attending an interview from the street is not a good idea.
- Keep your phone at hand in case there are technical issues that mean we have to continue the interview by direct call.
Security
The Semrush Security team takes responsibility for information security and encourages employees to pay close attention to potential security issues related to everyday activities and decisions.
Within the team, there are several scopes of work: web application security, certification and audit, infrastructure security, and general issues.
Even though Security team members focus on different tasks, they operate as one: every team member is always ready to provide support, no matter the query.
The entire team is located in our European offices, but also has ambassadors from among local colleagues in almost all Semrush offices worldwide. These colleagues help maintain awareness of information security within their branch.
