Vertafore is looking for talented people to join our team in Michigan. Our dynamic environment provides professional development, fast upward mobility, and exposure to the latest and greatest in technology. Vertafore is a leading technology company whose innovative software solution are advancing the insurance industry. Our suite of products provides solutions to our customers that help them better manage their business, boost their productivity and efficiencies, and lower costs while strengthening relationships. Our mission is to move InsurTech forward by putting people at the heart of the industry. We are leading the way with product innovation, technology partnerships, and focusing on customer success. Our fast-paced and collaborative environment inspires us to create, think, and challenge each other in ways that make our solutions and our teams better.
We are headquartered in Denver, Colorado, with offices across the U.S., including East Lansing, Michigan - we are minutes from Michigan State University, Lansing Community College, and Cooley Law School.
As a
Software Engineer II - Application Security, you will be a member of an energetic agile team dedicated to application security. You and your team will collaborate with teams throughout the organization to ensure our product solutions are secure. You will be a security champion and share your knowledge of security best practices with your colleagues to foster a culture of secure coding. You will assist application teams in the remediation or mitigation of security vulnerabilities, both in our applications as well as in third-party dependencies.
If you love technology, have a passion for application security, are hungry to learn, and are driven to contribute to a world-class team of engineers, you're who we are looking for.
Core Requirements and Responsibilities: - Ensures our applications meet internal security standards and SSDLC (Secure Software Development Lifecycle) best practices.
- Develops new features and maintains existing features of our internal security tooling.
- Participates in threat modeling exercises with application development teams.
- Monitors results of dynamic, static, and dependency vulnerability scans.
- Research security findings to assist in determination of validity.
- Supports application development teams in the remediation of vulnerabilities.
- Provides technical training on secure coding and ongoing guidance to application developers.
- Conducts technical research on vulnerable third-party libraries and provides recommendations for resolution.
- Monitors evolving security threats, escalating when necessary.
- Stay current on application security trends and practices.
- Promotes a culture of secure coding best practices.
- Creates artifacts/documents that are valuable to the team.
- Writes well-designed, testable code.
- Participates in code reviews, both of your own code and as a reviewer.
- Mentors and inspires others to raise the bar for everyone around them.
Knowledge, Skills and Abilities: - Has a solid understanding of the OWASP Top 10.
- Adheres to security standards and internal security SLAs.
- Cares about and knows what it means to ship secure code; able to define and adhere to secure coding standards.
- Able to investigate security issues and provide solutions for remediation or mitigation.
- Proficient with relevant security tools and technologies used to identify and resolve application security issues.
- Can independently frame problems and perform relevant research.
- Collaborates with peers to design pragmatic solutions.
- Operates best in a fast-paced, flexible work environment.
- Effective communication (written and verbal) and interpersonal skills.
- Problem solver with strong analytical and critical thinking skills.
- An innate curiosity about how things work; proactively acquires new skills and learns new tools and technologies to troubleshoot issues.
- A team player and excellent collaborator.
- Interested and capable of learning other programming languages as needed.
Qualifications: - Bachelor's degree in Computer Science (or related technical field) or equivalent practical experience.
- 2-3 years of professional experience with Java or .NET and common frameworks.
- Experience in or a strong desire to pursue an application security role.
- Experience with JavaScript and Angular, React.js, or similar.
- Experience working in an Agile environment required.
- Knowledge of secure coding best practices.
Additional Requirements and Details: - Travel required up to 5% of the time.
- Located and working from an office location.
- Occasional lifting and/or moving up to 10 pounds.
- Frequent repetitive hand and arm movements required to operate a computer.
- Specific vision abilities required by this job include close vision (working on a computer, etc.).
- Frequent sitting and/or standing.
Skills & Requirements Qualifications Vertafore is a Flexible First working environment which allows team members to work from home as often as you'd like, while using our offices as a place for collaboration, community, and teambuilding. There are times you may be asked to come into an office and/or travel for specific meetings for a specific business purpose and this varies by job responsibilities.
Why Vertafore is the place for you: Canada Only
- The opportunity to work in a space where modern technology meets a stable and vital industry
- Medical, vision & dental plans
- Life, AD&D
- Short Term and Long Term Disability
- Pension Plan & Employer Match
- Maternity, Paternity and Parental Leave
- Employee and Family Assistance Program (EFAP)
- Education Assistance
- Additional programs - Employee Referral and Internal Recognition
Why Vertafore is the place for you: US Only
- The opportunity to work in a space where modern technology meets a stable and vital industry
- We have a Flexible First work environment. Our North America team members use our offices for collaboration, community and team-building, with members asked to sometimes come into an office and/or travel depending on job responsibilities. Other times, our teams work from home or a similar environment.
- Medical, vision & dental plans
- PPO & high-deductible options
- Health Savings Account & Flexible Spending Accounts Options:
- Health Care FSA
- Dental & Vision FSA
- Dependent Care FSA
- Commuter FSA
- Life, AD&D (Basic & Supplemental), and Disability
- 401(k) Retirement Savings Plain & Employer Match
- Supplemental Plans - Pet insurance, Hospital Indemnity, and Accident Insurance
- Parental Leave & Adoption Assistance
- Employee Assistance Program (EAP)
- Education & Legal Assistance
- Additional programs - Tuition Reimbursement, Employee Referral, Internal Recognition, and Wellness
- Commuter Benefits (Denver)
The selected candidate must be legally authorized to work in the United States.
The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all the job responsibilities, duties, skill, or working conditions. In addition, this document does not create an employment contract, implied or otherwise, other than an "at will" relationship.
Vertafore strongly supports equal employment opportunity for all applicants regardless of race, color, religion, sex, gender identity, pregnancy, national origin, ancestry, citizenship, age, marital status, physical disability, mental disability, medical condition, sexual orientation, genetic information, or any other characteristic protected by state or federal law.
The Professional Services (PS) and Customer Success (CX) bonus plans are a quarterly monetary bonus plan based upon individual and practice performance against specific business metrics. Eligibility is determined by several factors including: start date, good standing in the company, and actives status at time of payout.
The Vertafore Incentive Plan (VIP) is an annual monetary bonus for eligible employees based on both individual and company performance. Eligibility is determined by several factors including: start date, good standing in the company, and actives status at time of payout.
Commission plans are tailored to each sales role but common components include quota, MBO's and ABPMs. Salespeople receive their formal compensation plan within 30 days of hire.
Vertafore is a drug free workplace and conducts preemployment drug and background screenings. We do not accept resumes from agencies, headhunters or other suppliers who have not signed a formal agreement with us.
We want to make sure our recruiting process is accessible for everyone . click apply for full job details