Associate Application Security Engineer

Veeva Systems is a mission-driven organization and pioneer in industry cloud, helping life sciences companies bring therapies to patients faster. As one of the fastest-growing SaaS companies in history, we surpassed $2B in revenue in our last fiscal year with extensive growth potential ahead.

At the heart of Veeva are our values: Do the Right Thing, Customer Success, Employee Success, and Speed. We're not just any public company - we made history in 2021 by becoming apublic benefit corporation (PBC), legally bound to balancing the interests of customers, employees, society, and investors.

As aWork Anywhere company, we support your flexibility to work from home or in the office, so you can thrive in your ideal environment.

Veeva's Security Engineering team is seeking an aspiring Application Security Engineer that wants to work with Veeva's product teams to secure their applications. This role has a broad scope, ranging from assisting with managing our SAST/SCA environment to developing Dev Sec Ops automation services, and system integrations using APIs, Webhooks, or other custom integrations of Veeva's infrastructure. Development of automated processes of security tools, coloration of data through analytics, and design of integrated dashboard tools across our multiple platforms. You will be working as a security expert supporting our product development teams on code quality issues and findings.

What You'll Do

• Support Checkmarx SAST & SCA platform, tuning and supporting product development
• Assist application product teams with scan automation via pipeline build such as Jenkins or CI/CD
• Automation of security tools into the DevSecOps processes
• Create best practices, system troubleshooting, or process documentation
• Write code supporting data lake and data warehouse collection and data transformation processes
• Maintain security infrastructure, tools, and systems
• Integration of security tools through APIs, webhook, or other custom integration
• Conduct full life cycle engagements with business units independently or as part of a team
• Create and maintain integrated security dashboards pulling multiple security systems into a unified global view

Requirements

• Bachelor of Science in Computer Science, Computer Engineering, or related field, or equivalent work experience
• Coding skills in at least one primary language, such as Java or Python and React
• Understanding of OWASP Top 10, SANS Top 20, NIST 800-53, CIS, CSC, or other security standards
• Utilize Static Application Security Testing tools (i.e. Checkmarx) to identify and remediate code vulnerabilities
• 1+ years as a security engineer or application developer
• Knowledge and understanding in various disciplines such as security engineering, infrastructure and network security, authentication and security
• Knowledge of protocols, cryptography, or application security
• Experience with interpreted or compiled languages: Python, Java, React, Ruby, Perl, PHP, C/C++, C#
• Experience with cloud service providers and their offerings, preferably AWS and its various technologies and APIs, Azure, and Alibaba Cloud

Nice to Have

• Bachelor of Science in Cyber Security, Information Security, MIS, or equivalent
• Experience in Web and Mobile (Android/iOS) based application/service assessment
• Knowledge of fuzzing, memory corruption, and exploit development
• Familiar with Jenkins, Bamboo, CI/CD Pipelines, and other automation tools
• Experience with Big Data technologies such as Elastic, Cloudera, Hadoop, Datadog, or others
• Experience maintaining security tools and automation scripts to streamline security processes

Veeva's headquarters is located in the San Francisco Bay Area with offices in more than 15 countries around the world.

As an equal opportunity employer, Veeva is committed to fostering a culture of inclusion and growing a diverse workforce. Diversity makes us stronger. It comes in many forms. Gender, race, ethnicity, religion, politics, sexual orientation, age, disability and life experience shape us all into unique individuals. We value people for the individuals they are and the contributions they can bring to our teams.

If you need assistance or accommodation due to a disability or special need when applying for a role or in our recruitment process, please contact us at .

Work Where It's Best for You

Work Anywhere means you can work in an office or at home on any given day. It's about getting the work done in the way and place that works best for each person. This applies across all locations and departments.

Work Anywhere does not mean work at any time. We have predictable core hours where employees are generally available for meetings and collaboration. Employees are focused and available during core hours.

We invest in our offices to make them places where our employees like to go. If you work in the office three or more days a week, you will have a dedicated office workspace. Our offices function as hubs to draw people in, create social bonds, and where random connections and mixing of ideas happen. We're investing more in offices, culture, and offsite meetings, not less.

Product teams are organized in regional product hubs for optimal collaboration and live within a time zone of their hub. Our current product hubs are located in Pleasanton, Columbus, Boston, Kansas City, New York City, Raleigh, and Toronto. We create opportunities for teams to get together in person regularly.

Customer-facing roles, such as Sales and Professional Services, live near and/or travel to their customers.

When an employee moves within a country it does not cause a change in salary. Where you live impacts you and your family. Not knowing if your compensation will change if you move can cause stress and uncertainty for everyone. We wanted to eliminate that.

Work at Veeva. Work where it's best for you.

A different kind of company. A Public Benefit Corporation.

Unlike a traditional corporation, whose only legal duty is to maximize shareholder value, PBCs consider their public benefit purpose and the interests of those materially affected by the corporation's conduct-including customers, employees, and the community-in addition to shareholders' interests.

What sets us apart

In February 2021, Veeva became the first public company to convert to a Public Benefit Corporation (PBC).

Unlike a traditional corporation, whose only legal duty is to maximize shareholder value, PBCs consider their public benefit purpose and the interests of those materially affected by the corporation's conduct-including customers, employees, and the community-in addition to shareholders' interests.

Veeva's public benefit purpose is to help make the industries we serve more productive and create high-quality employment opportunities.

"Veeva's engineering teams take a pragmatic approach to software development. We offer an ideal environment for engineers who value focus, speed and integrity in their work."