Application Security Engineering

Coupa makes margins multiply through its community-generated AI and industry-leading total spend management platform for businesses large and small. Coupa AI is informed by trillions of dollars of direct and indirect spend data across a global network of 10M+ buyers and suppliers. We empower you with the ability to predict, prescribe, and automate smarter, more profitable business decisions to improve operating margins.

Why join Coupa?

🔹 Pioneering Technology: At Coupa, we're at the forefront of innovation, leveraging the latest technology to empower our customers with greater efficiency and visibility in their spend.

🔹 Collaborative Culture: We value collaboration and teamwork, and our culture is driven by transparency, openness, and a shared commitment to excellence.

🔹 Global Impact: Join a company where your work has a global, measurable impact on our clients, the business, and each other. 

The Impact of a Application Security Engineering Engineer to Coupa:

 In this role, you will be working in a fun, challenging, fast-paced environment as a hands-on security testing engineer. You’ll partner with customer, sales, and product teams to coordinate penetration tests and application security scans, to validate results and to advise in remediation.  You support every product and customer team at Coupa, by providing them valid, meaningful feedback to ensure our products are developed safely and efficiently. You are a self-starter, comfortable with ambiguity, with strong attention to detail and passion for data; have a sense of humor and ability to have fun while working in a fast-paced and changing environment. Our teams are close-knit, high performing and insatiably curious.  We are unsatisfied with half-answers and incomplete solutions.

What You’ll Do

• Penetration testing of web applications, utilizing Mitre ATT&CK framework as well as OWASP top 10
• Analyzing application packages, including evaluating dependencies for vulnerabilities
• Receiving external penetration tests and vulnerability reports associated with our web application product and validating the same
• Developing / recommending remediation for findings
• Validating findings disclosed through our bug bounty program
• Conducting Static code analysis using tools and validating findings
• Conducting Dynamic code analysis using tools and validating findings
• Executing duties as assigned by the Manager, Application Security

What you will bring to Coupa

• Demonstrate work experience, certification, or university education related to application development and security.
• Penetration testing certification is recommended (CEH, GWEB, GPEN, OSCP)
• 1-3 years of experience, demonstrating solid foundations in web application development
• Experience with testing platforms such as Metasploit, Burp Suite, etc
• Experience with penetration testing
• Critical thinking skills (ability to solve complex problems)
• Scripting language skill, such as Python, Ba$h, Pearl, JavaScript
• Some development exposure, familiarity with .net and java recommended.




Preferred Skills

• Advanced certification in penetration testing and exploit creation (such as OSCP)
• Experience with application development and delivery, Quality Engineering/testing
• Knowledge of more programming languages, such as Go and Ruby

Coupa complies with relevant laws and regulations regarding equal opportunity and offers a welcoming and inclusive work environment. Decisions related to hiring, compensation, training, or evaluating performance are made fairly, and we provide equal employment opportunities to all qualified candidates and employees. 

Please be advised that inquiries or resumes from recruiters will not be accepted.