Senior Security Engineer, Platform Security

At Qualtrics, we create software the worldâs best brands use to deliver exceptional frontline experiences, build high-performing teams, and design products people love. But we are more than a platformâwe are the creators and stewards of the Experience Management category serving over 18K clients globally. Building a category takes grit, determination, and a disdain for conventionâbut most of all it requires close-knit, high-functioning teams with an unwavering dedication to serving our customers.When you join one of our teams, youâll be part of a nimble group thatâs empowered to set aggressive goals and move fast to achieve them. Strategic risks are encouraged and complex problems are solved together, by passing the microphone and iterating until the best solution comes to light. You wonât have to look to find growth opportunitiesâready or not, theyâll find you. From retail to government to healthcare, weâre on a mission to bring humanity, connection, and empathy back to business. Join over 6,000 people across the globe who think thatâs work worth doing.

Senior Security Engineer, Platform Security

The challenge

As Qualtrics continues to expand the Experience Management (XM) SaaS platform, we must ensure that weâre protecting our customers and their data by building and operating secure systems. With over one thousand software & system engineers contributing to Qualtrics XM every day, we have a large attack surface to evaluate and secure. This role is critical to our mission.

Qualtrics is seeking an experienced security engineer with a passion for security to lead a new platform security team at Qualtrics. This is a new role reporting to the Head of Platform Security that includes a mix of hands-on security engineering, program operations and team leadership responsibilities. 

The Platform Security team is responsible for measures to improve and ensure the security of web & mobile applications, code and related components, underlying infrastructure and cloud services in Qualtrics SaaS products (including those of our acquired companies). The team owns secure development standards and training, security testing tools (e.g., SAST, DAST, SCA, container vulnerability management, CSPM), threat modeling, penetration testing, red team, bug bounty, vulnerability disclosure and vulnerability management programs. Platform Security works in collaboration with other teams within the Information Security organization (including security operations and incident response, and security & privacy assurance) and across the Product Engineering organization.

A day in Life

• Review source code & software/system designs, and consult with engineers across the organization to identify and/or avoid security issues through alignment with security standards and best practices
• Leverage your accumulated subject matter expertise of Qualtrics applications, systems, code and infrastructure to propose and drive architectural improvements which address classes of security flaws in the platform
• Support a team of security engineers through regular 1-on-1 sessions and team stand up meetings, coaching and workload management
• Document and improve secure development lifecycle processes, standards and guidelines
• Deliver training and provide mentoring to software engineers on security topics
• Facilitate threat modeling exercises to ensure optimized security design decisions are being made
• Document remediation recommendations and collaborate with engineers to ensure vulnerability findings are successfully and efficiently addressed
• Support bug bounty and vulnerability disclosure programs, including the triage and validation of reported findings
• Lead the selection, design, development, implementation and management of automated security testing tools
• Support Platform Security-owned tools and services which are relied upon by other organizations, including those in support of the vulnerability management program
• Coordinate with Platform Security counterparts based in the United States to align efforts
• Contribute to the platform security architecture and program strategy; align and communicate roadmaps with stakeholders

The Expectation for Success

You will define and drive improvements to the product and application security program; mentor and support a team of skilled security engineers; and work effectively with the Qualtrics engineering organization and fellow security team members to protect our customers and their data by building and operating secure systems.

Minimum Qualifications

• Bachelorâs degree in Computer Science, Cyber Security or a related field
• Over 5 years of relevant work experience
• Experience as a security engineer in product, application, infrastructure and/or cloud security
• Experience leading complex security projects and initiatives that require collaboration with teams across an organization
• Sound understanding of application & cloud security vulnerabilities (e.g., OWASP Top 10), defense techniques and security best practices, including language-specific security practices and present-day threats
• Experience with modern application development languages and frameworks (e.g., Node.js, Java, Golang, Python, React, Angular)
• Experience securing infrastructure, applications and services in AWS

Preferred Qualifications

• Experience with assessing and securing large, complex SaaS applications
• One or more relevant security certifications (e.g., CISSP, CISM, CEPT, CMWAPT, CPT, CEH, LPT, GWAPT, GPEN, GXPN, OSCP, AWS Certified Security - Specialty Certification)
• Some prior experience as a team, technical or project lead
• Use of agile methodologies for project management
• Manual web application penetration testing experience, including the use of professional penetration testing tools (e.g., Burp Suite)
• Strong familiarity with AWS, Docker, Kubernetes, Linux and similar technologies
• Experience securing iOS/Android mobile apps
• Prior full time software development experience

Our Teamâs Favourite Perks and Benefits

• Annual Leave: 20 or 26 annual leave days per annum plus an additional day for each year of service (to a max of 5).
• Private Medical Insurance- Luxmed health & dental cover for you and your dependants.
• Commuter Assistance- Up to the value of 80 PLN net a month for public transport.
• Savings Plan- Two company saving plans provided by Nationale Nederlanden: Employee Capital Plan (PPK) & Employee Saving Plan (PPO)
• QED PROGRAM- Qualtrics Engineer Development (QED) program: support, engineering learning activities up to 10% of engineering work time each quarter.
• Wellness- Up to the value of 800PLN gross per quarter can be reimbursed for a variety of wellness activities via our dedicated platform Twic.
• A choice of Multispot cards available.
• Our employee assistance program with Unum provides counselling and wellbeing support to all employees
• Experience bonus- 7000 PLN gross per annum. Qualtrics experience bonus is a program designed to provide experiences to our employees they might not otherwise have.
• Group Life & Income Protection Insurance
•  Glasses/Contact lenses Reimbursement
• Free breakfasts, lunches, snacks, and drinks for everyone in the office
• Tax-deductible expenses (up to 75% depending on role)

 

Qualtrics is an equal opportunity employer meaning that all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other protected characteristic.
âââââââ
Applicants in the United States of America have rights under Federal Employment Laws: Family & Medical Leave Act, Equal Opportunity Employment, Employee Polygraph Protection Act

Qualtrics is committed to the inclusion of all qualified individuals. As part of this commitment, Qualtrics will ensure that persons with disabilities are provided with reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please let your Qualtrics contact/recruiter know.   Qualtrics Work Experience - As we look to the future, we believe that our teams are better together. Being together will help us learn more, grow faster and ultimately deliver better results for our customers and Qualtrics. Roles tied to an office location work 4 days per week in the office together and 1 day from home, with a strong spirit of flexibility around taking time for personal, health, and family moments in our work weeks. Our managers work with their teams to create a collaborative, engaged work environment, and arrangement that works for each of our team members.   Not finding a role thatâs the right fit for now? Qualtrics Insiders is the one-stop shop for all things Qualtrics Life. Sign up for exclusive access to content created with you in mind and get the scoop on what we have going on at Qualtrics - upcoming events, behind the scenes stories from the team, interview tips, hot jobs, and more. No spam - we promise You'll hear from us two times a month max with fresh, totally tailored info - so be sure to stay connected as you explore your best role and company fit.

---