Senior AppSec Architect

LivePerson (NASDAQ:LPSN) is a Conversational AI company creating digital experiences that are Curiously Human. Every person is unique, and our technology makes it possible for companies, including leading brands like HSBC, Orange, and GM Financial, to treat their audiences that way at scale. Nearly a billion conversational interactions are powered by our Conversational Cloud each month.

You'll be successful at LivePerson if you are excited to build something from the ground up. You excel by finding daily opportunities to grow at the same pace as the technology we're building, and you build partnerships that improve our business. Likewise, you're someone who sees feedback as a chance to learn and grow and believe decisions powered by data are the norm. You care about the wellbeing of others and yourself.

Overview:

The Application Security team at LivePerson is responsible for enhancing the security of LivePerson networks, applications and environments, on-premises and cloud.  All of our team members are expected to have a thorough understanding of complex IT systems and stay up to date with the latest security vulnerabilities, standards, systems and authentication protocols, as well as testing tooling and methodologies.

This role performs review and design of security controls, and application security testing internally and externally, both directed and independently.  

The right candidate will have a can do, follow-up and follow through attitude. They will be able to understand and assess our environments for vulnerability and communicate the associated risk to internal and external stakeholders. 

You will:

• A Senior AppSec Architect job includes:

  • Designing security controls to address the security needs of applications in concert with the business needs.
  • Reviewing applications and the associated security controls.
  • Assisting teams with application security requirements, controls, testing and understanding and addressing results.
  • Working with the engineering and security teams to find and explain security issues, suggest mitigations, and determine when issues are mitigated.
  • Performing application and network scans and penetration tests on Liveperson’s networks, applications and environments.
  • Validating external penetration test results and working with internal and external stakeholders.
  • Staying up to date on the latest patterns, tools and techniques ensures both your and the team is using the most effective and efficient methods.
  • Coordinating test schedules with engineering teams.
  • Producing both high level and detailed reports of testing activities and results.
  • Applying modern tooling and automating routine activities to the extent possible.
  • Leading, training, coaching and mentoring other members of the Application Security Team and the broader LivePerson Security and Engineering teams.

You have:

While a degree in Information Technology, Computer Science or related field is highly desirable, we also look to candidates with significant experience in this role and a proven ability to deliver quality results. 

Penetration testing and IT Security certifications such as CISSP, CSSLP, OSCP, GPEN, CEH as well as vendor, cloud and OS certifications are always welcomed, but don’t let them stop you from applying.

As well as adversarial thinking, well-formed opinions and a bias for action, Liveperson AppSec Team members include the following qualities:

• Broad experience of information security, AppSec and penetration testing techniques
• Solid understanding of cloud environments (GCP especially), web protocols, weaknesses and vulnerabilities - and the exploitation of these
• Good working knowledge of current IT risks and experience testing, exploitation and mitigation techniques
• Ability to conduct security code reviews in one or more of the following: Java, Python, and Node.js
• Experience developing automation and exploitation scripts 
• Experience penetration testing cloud deployed applications
• Experience with AppSec tooling and techniques
• Ability to interact with a broad cross-section of personnel to explain security vulnerabilities
• Highly curious and dedicated to continuous learning
• Excellent written and verbal communication skills

You will be customer-facing, internal and external customers are equally important to us. Providing excellent service and aligning security needs and productivity is important to the success of this position.

Benefits:

• Health: medical, dental, and vision
• Development: Native AI learning

Why you'll love working here:

We love team members who chase down their big ideas, become experts, help colleagues, and own their work. These four company values guide our continued, holistic growth as individuals, as teams, and as a global organization. And to further make our point, let's just say we're very proud to be on Fast Company's list of Most Innovative Companies and Newsweek's list of most-loved workplaces.

Belong at LivePerson

At LivePerson, people from diverse backgrounds come together to make an impact and be their authentic selves. One way we share and connect is through our employee resource groups such as: Live In Color, LP Proud, and Women In Tech. We are proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants with criminal histories, consistent with applicable federal, state, and local law.

We are committed to the accessibility needs of applicants and employees. We provide reasonable accommodations to job applicants with physical or mental disabilities. Applicants with a disability who require a reasonable accommodation for any part of the application or hiring process should inform their recruiting contact upon initial connection.