Security Application Engineer III

Paciolan is the #1 primary ticketing company in college athletics, and the #2 largest primary ticketing provider in the US, including performing arts, arenas, and professional sports. As a leader in ticketing, fundraising, marketing, analytics, and technology solutions, we power more than 500 live entertainment organizations, selling over 120 million tickets a year.

While we are the market leader in many areas, we will never act too big or move too slow as a company. At Paciolan, we come to work ready to innovate and succeed, and we always have fun doing it. You may not recognize our name because we white-label our consumer channels, but we create great products at scale…not just once a year on Black Friday, but every day when our events go on sale!

As we continue to grow, we’re looking for an exceptional Security Application Engineer III to join us on our journey. Our Security Engineers play a key role in safeguarding our web and mobile applications, directly impacting the security and trust of millions of users. This is a unique opportunity to shape the future of our products while advancing your career in a dynamic and rapidly evolving field of application security.

Job Functions

• Conduct security assessments and vulnerability testing of web and mobile applications.
• Collaborate with development teams to integrate security best practices and principles throughout the SDLC.
• Identify, analyze, and mitigate security vulnerabilities and threats.
• Develop and implement security tools (e.g., static analysis, dynamic testing tools) to enhance application security.
• Conduct code reviews and provide guidance to developers on secure coding practices.
• Stay up-to-date with the latest security trends, vulnerabilities, and threats.
• Track and report on key security metrics to ensure visibility into security posture.
• Respond to security incidents and perform root cause analysis.
• Develop and maintain security documentation, including secure coding guidelines and vulnerability management procedures.
• Educate and train staff on security best practices and emerging threats.
• Participate in threat modeling and risk assessments during application design and development.
  
  

What To Bring

• Bachelor’s degree in computer science, Information Security, or related field, or equivalent practical experience. We value hands-on experience over formal education.
• At least 4 years of experience in application security, including web and mobile application security.
• Proficiency in security testing tools and methodologies (e.g., OWASP ZAP, Burp Suite, Snyk, Checkmarx, Fortify).
• Strong understanding of secure coding practices and principles.
• Experience with security frameworks and standards (e.g., SOC2, OWASP, NIST, ISO/IEC 27001).
• Knowledge of authentication and authorization protocols (e.g., OAuth, JWT, SAML).
• Familiarity with cloud security best practices (AWS, Azure, Google Cloud).
• Proficiency in Shift Left methodologies and DevSecOps practices, with hands-on experience using tools such as Gitlab for enhanced security integration throughout the SDLC.
• Excellent problem-solving skills and attention to detail.
• Strong communication and collaboration skills.
  
  

An Extra “Awesome”

• Relevant security certifications (e.g., CISSP, CEH, OSCP).
• Experience with DevSecOps practices and tools.
• Understanding of container security, Kubernetes, and microservices architecture.
• Basic understanding of network security principles is a plus.
• Experience with incident response and forensic analysis is a plus, but not required.
  
  

What’s In It For You

Just like the teams we work with; we team up at Paciolan too! You’ll find espresso machines, basketball hoops, ping pong tables, Nintendo switch (Smash Bros!) and lots of options for hanging out with your coworkers such as: a running club, yoga class, company sponsored events off site and many more.

Pay Transparency

The approximate base pay range for this position is $120,000.00 to $140,000.00. Please note that the pay range provided is a good faith estimate for the position at the time of posting. Individuals may also be eligible for an annual discretionary bonus and/or sales compensation. Actual compensation may vary based on factors including but not limited to job-related knowledge, skills, and experience as well as geographic location.

Learfield offers a full spectrum of benefits for eligible employees including Medical, Dental, Vision, Health Savings Account, Life Insurance and Other Insurance Plans, Flexible Paid Time Off (including Parental Leave), Paid Holidays, 401(k), and Short/Long Term Disability.

Learfield is an Equal Opportunity Employer. We provide equal employment opportunities to applicants and employees without regard to race; color; sex; gender identity; sexual orientation; religious practices and observances; national origin; pregnancy, childbirth, or related medical conditions; status as a protected veteran or spouse/family member of a protected veteran; or disability.