Principal Application Security Engineer

Barracuda
Colorado, CO Full Time
POSTED ON 1/19/2025
AVAILABLE BEFORE 4/18/2025

Job ID 25-439

Come Join Our Passionate Team! At Barracuda, we make the world a safer place. We believe every business deserves access to cloud-enabled, enterprise-grade security solutions that are easy to buy, deploy, and use. We protect email, networks, data and applications with innovative solutions that grow and adapt with our customers’ journey. More than 200,000 organizations worldwide trust Barracuda to protect them — in ways they may not even know they are at risk — so they can focus on taking their business to the next level.

We know a diverse workforce adds to our collective value and strength as an organization. Barracuda Networks is proud to be an Equal Opportunity Employer, committed to equal employment opportunity and equitable compensation regardless of race, gender, religion, sex, sexual orientation, national origin, or disability.

Envision yourself at Barracuda

The Principal Application Security Engineer assures the safety and security of Barracuda Networks software and services through source code review, manual application security assessment, operation and integration of automated security assessment solutions, architecture review, and expert advice regarding software security trends, threats, best practices and incidents.

Tech Stack Exposure

  • A deep understanding of software security best practices and vulnerabilities, especially as they relate to web applications (e.g. OWASP Top 10)
  • Experience identifying vulnerabilities in software and SaaS services
  • Experience in source code review, preferably for Python, PHP and Go
  • Experience in scoping and performing manual application penetration testing
  • Experience in assessing the risk of identified vulnerabilities, and providing correct, robust and actionable recommendations to mitigate and / or resolve the vulnerabilities
  • Experience in understanding software vulnerabilities, in finding other instances of the vulnerability across codebases, and in identifying collateral / related vulnerabilities.
  • Experience in assessing the implemented resolution of a vulnerability for completeness and accuracy, and identifying bypasses for the implemented resolution
  • Experience in working collaboratively with software development teams to identify vulnerabilities in all stages of software development
  • Experience in communicating effectively with people of varying security proficiency and interest (fellow security professionals, engineering, and management)
  • The ability to coordinate and participate in wide-scale Software Incident Security Response exercises such as the log4j response, understanding and unpacking information as incidents unfold, and in working across the organization to deliver a comprehensive "Identify, Resolve, Validate" solution
  • Basic programming experience in at least one language, preferably Python or Go, and experience in automating routine tasks such as searching source code and manipulating data.

What you’ll be working on

  • Ensure the secure delivery of software from design through to implementation
  • Maintain awareness of software security trends, incidents, and best practices, and provide expert advice and guidance to engineering teams regarding secure development and vulnerability remediation.
  • Manage Barracuda’s bug bounty programs
  • Work collaboratively with the organization, including with Security, Compliance and Engineering, to understand and remediate computer and software security incidents
  • Evaluate new and emerging security technologies, features, and products.
What you bring to the role

  • 7 years of experience
  • The ability to perform source code review in new and unfamiliar languages using knowledge of security best practices and a willingness to read documentation
  • Solutions architecture review experience, and the ability to identify opportunities and vulnerabilities early in the specification and development of software
  • Threat modelling experience
  • Fuzzing experience
  • Experience using and integrating automated software security scanners such as SAST / DAST / SCA
  • An understanding of Infrastructure as Code and cloud platform security (preferably Azure and AWS)
  • An understanding of identity, authentication and authorization protocols including OAuth / OpenID Connect and SAML
  • Published examples of work such as original research, vulnerability advisories, conference talks, bug bounty writeups or CTF writeups
  • The ability to identify opportunities for process improvement, including automation and the authorship of software (scanners, fuzzers, helper utilities etc.)
  • Experience participating in and / or managing bug bounty programs
  • Experience with and / or a willingness to collaborate with other security functions such as compliance and policy, network / corporate security, security monitoring and incident response
What you’ll get from us

  • A team where you can voice your opinion, make an impact, and where you and your experience are valued.
  • Internal mobility – there are opportunities for cross training and the ability to attain your next career step within Barracuda.

  • Equity, in the form of non-qualifying options
  • High-quality health benefits
  • Retirement Plan with employer match
  • Career-growth opportunities
  • Flexible Time Off and Paid Time Off benefits
  • Volunteer opportunities
At Barracuda, we believe in fair and equitable compensation practices that reflect both market realities and the unique circumstances of each geographical location. We recognize that cost-of-living disparities, market conditions, and other factors can significantly impact compensation expectations in different regions. The compensation range provided in this job description is for illustrative purposes only and may not reflect the actual compensation offers for the position in your location. Final compensation will be determined based on a variety of factors including the candidate’s qualifications and experience.

    California : $232,000 - $250,000

    New York City : $193,000 - $218,000

    Westchester County, NY : $193,000 - $218,000

    Washington : $209,000 - $223,000

    Colorado : $174,000 - $191,500

    Salary : $174,000 - $191,500
