Job Requisition ID #

25WD91155

Security @ Autodesk 

Our team of security experts helps Autodesk design, build, deploy and maintain secure products. We are embedding security in the full spectrum of how we build our products from inception, design, development, testing to how we are running them in the cloud as well as how we are responding to any existing or emerging threats to our products or the building blocks of our products and services. Our job is to be one step ahead of the bad guys and use expertise, technology and other resources to thwart their efforts to compromise our products and the environment in which they operate. Our team keeps a single-minded focus on protecting our customer’s data and their investment in our products by strengthening our applications, underlying services and network. 

 

Position Overview 

We are looking for a passionate Principal Application Security Engineer to drive strategic direction, develop standards, guidelines, and policies for our application security program. You will lead “shift-left” security efforts to build security into the software development lifecycle (SDLC). You will drive a standardized set of security requirements and align policies to meet external regulatory requirements. Come practice and grow your security expertise at scale to keep Autodesk one step ahead of our adversaries! 

 

Responsibilities 

Define our application security strategies, standards, policies, and roadmaps and champion their implementation

Guide product stakeholders and teams to incorporate security into the SDLC

Evaluate the threat landscape through architecture reviews, secure code reviews, and threat models

Explore new and emerging technologies to identify security solutions to fill gaps or enhance capability and security value

Review output from SAST, DAST, and SCA tools and provide feedback on results

Establish security metrics and define KPIs for the application security program

Assist PSIRT with analysis on vulnerability reports submitted by researchers and root cause analysis

Assist in creation of security training and workshops for application teams

 

 Minimum Qualifications 

8+ years of experience in application security including web application experience, desktop application experience, and secure coding practices

Familiarity with industry standards and frameworks, such as OWASP Top Ten Project, NIST Cybersecurity Framework, SSDF, SLSA, etc

Expertise in threat modeling methodologies and tools

Experience with PKI/certificates and cryptography

Familiarity with Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis tools and methodologies

Proficiency with at least one common programming language such as Python, Golang, Java, C/C++, or Javascript

Experience with cloud computing technologies, especially AWS (Amazon Web Services) or Azure

Experience with Git, Jenkins, Artifactory, or other similar technologies

Strong communication skills with the ability to converse with multiple types of audiences

Experience collaborating with distributed teams and other partners

Learn More

About Autodesk

Welcome to Autodesk! Amazing things are created every day with our software – from the greenest buildings and cleanest cars to the smartest factories and biggest hit movies. We help innovators turn their ideas into reality, transforming not only how things are made, but what can be made.

We take great pride in our culture here at Autodesk – it’s at the core of everything we do. Our culture guides the way we work and treat each other, informs how we connect with customers and partners, and defines how we show up in the world.

When you’re an Autodesker, you can do meaningful work that helps build a better world designed and made for all. Ready to shape the world and your future? Join us!

Salary transparency

Salary is one part of Autodesk’s competitive compensation package. Offers are based on the candidate’s experience and geographic location. In addition to base salaries, our compensation package may include annual cash bonuses, commissions for sales roles, stock grants, and a comprehensive benefits package.

Diversity & Belonging
We take pride in cultivating a culture of belonging where everyone can thrive. Learn more here: https://www.autodesk.com/company/diversity-and-belonging

Are you an existing contractor or consultant with Autodesk?

Please search for open jobs and apply internally (not on this external site).