We are looking for a Head of Application Security to establish and manage our information and cyber security team. You will be responsible for the application security and software security. Partnered with R&D, DevOps, and in charge of securing payments code and products for high-profile clients in a leading company.

Why join Tipalti?

Tipalti is one of the world’s fastest-growing fintech companies. We free finance professionals to lead by modernizing the entire payables operation. We are a well-funded, late-stage start-up backed by high-profile investors. Our 2021 Series F funding round raised $270 million, valuing us at over $8.3 billion. With total funding of just over $550 million, and with more than 3000 global customers, Tipalti is one of the most valuable private fintech companies in the world.

At Tipalti, we pride ourselves on our collaborative culture, the quality of our product and the capabilities of our people. Tipaltians are passionate about the work they do, and keen to get the job done. Tipalti offers competitive benefits, a flexible workplace, career coaching, and an environment where diverse individuals can thrive and make an impact. Our culture ensures everyone checks their egos at the door and stands ready to reach for success together.

In This Role, You Will Be Responsible For

• Application threat modeling
• Work closely with Product, R&D, and DevOps teams to define high-level and detailed security requirements for various features.
• Build, maintain, and improve AppSec processes & tools.
• Work with R&D teams to review code for security vulnerabilities (manual and automated)
• Perform periodic application level penetration tests on major features and versions.
• Evaluate the security posture of various 3rd party tools, libraries, and vendors from an application security perspective.
• Drive and track the progress of security bug resolution with R&D and DevOps teams.
• Work on RFP and audit responses as needed
  
  

About You

• Manage an application security team - 3 +years experience
• 4+ years of experience in the hands-on application security field including Threat modeling & SDLC process.
• Holds Cissp \ Cism \ OSCP \ OSWA certification - Advantage
• Offensive application experience - Advantage
• Deep knowledge of common application level vulnerabilities and mitigation (OWASP top 10, SANS 25, etc).
• Strong manual code review skills in Java script node.js and C#
• Good knowledge of secure coding best practices and the ability to guide R&D teams on how to write secure code.
• Experience with SAST tools
• Familiarity with Docker containers, Kubernetes, etc
• Excellent verbal/written communication and data presentation skills, including experience communicating with both business and technical teams.
• Self-motivated work well independently and with others
  
  

Interested in learning more about us?

Tipalti is the only company handling both global partner payments and accounts payable workflows for high-velocity companies across the entire financial operations cycle: onboarding and managing global suppliers, instituting procurement controls, streamlining invoice processing and approvals, executing payments around the world, and reconciling payables data across a multi-subsidiary finance organization. Tipalti enables companies to scale quickly by making payables strategic with operational, compliance, and financial controls. Through Tipalti, our clients can efficiently and securely pay thousands of partners and suppliers in 196 countries within minutes.

Tipalti is fueled by a commitment to our customers and a desire to build lasting connections. Our client portfolio includes high-velocity businesses such as Amazon Twitch, GoDaddy, Roku, WordPress.com, and ZipRecruiter. We work hard for our 98% customer retention rate which is built on trust, reliability and innovation. Tipalti means we handled it" - a mission to which we are constantly committed.

Job Candidate Privacy Notice | Tipalti

www.tipalti.com/privacy/job-candidate-privacy-notice/