Bonterra exists to propel every doer of good to their peak impact. We measure that impact against our vision to increase the giving rate as a percentage of GDP from 2% to 3% by 2033. We know that this goal is lofty, but we are confident that the right technology and expertise will strengthen trust in the sector, allowing the social good industry to accelerate growth and reach peak impact. Bonterra's differentiated, end-to-end solutions collectively support a unique network of over 20,000 customers, including over 16,000 nonprofit organizations and over 50 percent of Fortune 100 companies. Learn more at bonterratech.com.
As an Application Security Engineer at Bonterra, you will be performing manual web application penetration tests, triaging static analysis findings and reviewing application source code to identify security defects.
This is a technical role, and the ideal candidate should be able to find complex web application vulnerabilities, create proof of concept exploits as needed, make detailed recommendations for remediation and work closely with the developers to ensure the issue is resolved.
What You’ll Do
-
Report directly to the Director of Application Security.
-
Perform manual web application penetration tests.
-
Review / triage SAST and DAST scan results.
-
Participate in application design discussions and threat modeling exercises.
-
Advise development teams on common web application vulnerabilities such as OWASP Top 10.
-
Write up, prioritize and track Jira tickets for identified issues, and work with developers to ensure the vulnerabilities are properly remediated.
-
Work with Risk & Compliance teams on SOC 2, PCI-DSS, HIPAA , and other audits as needed.
Requirements
-
Strong manual web application penetration testing skills.
-
A deep understanding of web application vulnerabilities, their root causes, and remediation.
-
The ability to review application source code as needed to triage SAST results and aid in manual code assisted tests to identify security defects.
-
Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.
What sets you apart
-
Experience performing application threat modeling or software architecture reviews.
-
Experience with information security frameworks & controls. Knowledge of NIST, ISO, SOC 2, PCI, and/or CIS Controls
-
Previous software development or application design experience.
-
Experience securing cloud environments and performing AWS security configuration reviews.
The range displayed on this job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.
Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work, and in addition to benefits this role may be eligible for discretionary bonuses/incentives, and equity.
US Base Salary Range: $75,000 - $130,000
Please note that the compensation range and benefits specified in this job posting is applicable to candidates based in the United States. For international applicants, actual salary offers and benefit plans may vary based on the local market compensation standards and will be determined in accordance with regional considerations, including but not limited to applicable laws, cost of living, and industry norms.
We will be accepting applications for this role until 2/5/2025
Our Culture: At Bonterra, we’re innovating with a higher purpose: to increase giving to 3% of US GDP by 2033, creating $573 billion more in global impact every year. To achieve our vision, we cultivate an inclusive environment where diversity is embraced and every team member feels empowered to contribute. Innovation, curiosity, and a commitment to equity guide our work. We foster a culture of belonging, ensuring that every individual is valued, respected, and given the tools to succeed. Together, we are dedicated to making a positive impact in the world.
Our comprehensive and competitive benefits include:
-
Generous Flexible Time Off (FTO) Policy
-
Up to 15 paid company holidays including some commemorating social justice events and self-care
-
Paid volunteer time
-
Resources for savings and investments
-
Paid parental leave
-
Paid sick leave
-
Health, vision, dental, and life insurance with additional access to health and wellness programs.
-
Opportunities to learn, develop, network, and connect
Please note the benefits specified on this page are applicable to full-time employees based in the United States. For international employees, actual benefits may vary based on local standards and regulations and will be determined in accordance with regional considerations, including but not limited to applicable laws and industry norms.
We are committed to being an equal opportunity employer and evaluate qualified applicants without regard to race, color, religion, sex, pregnancy (including childbirth, lactation and related medical conditions), national origin, age, physical and mental disability, marital status, sexual orientation, gender identity, gender expression, genetic information (including characteristics and testing), military and veteran status, diversity of thought and any other characteristic protected by applicable law.
What We Do
Bonterra is the second-largest and fastest-growing social good software company in the world. Formed through the combination of CyberGrants, EveryAction, Network for Good, Social Solutions, WeSpire, and their respective entities, Bonterra enables unprecedented connectivity between social good organizations and their community of supporters and constituents. This will reshape philanthropic giving, empower digital transformation, and bring the social good sector the technology it needs to accelerate lasting social change.
Our purpose is to power those who power social impact. To that end, we serve the people who make social good possible—the doers behind the scenes across nonprofits, public agencies, corporations, philanthropic organizations, and foundations. Our case management, corporate social good and philanthropy, and nonprofit fundraising and engagement technology solutions make the work behind social good easier, more efficient, and more effective. Our innovative, passionate team of industry experts and advocates elevate the people that make social good possible—we call this championing the doers—and raise the bar for how social change happens. And our partnerships with our customers unlock potential to help them thrive.
We seek diversity and embrace the power of our differences, and we never stop looking for ways to widen our circle of inclusion. Bonterra is currently accelerating the hiring process to bring in new mission-driven talent with openings for remote work and positions based in Andover MA; Austin TX; Washington, DC; Pittsburgh PA; Ontario, Canada; and various locations in Australia.
Our Values:
ELEVATE DOERS OF GOOD
Fuel growth. Power with partnership. Do the best work of our lives.
INNOVATE COURAGEOUSLY
Be curious. Deeply understand our clients. Have each other's backs.
CULTIVATE INCLUSIVITY
Open doors. Create space. Center diversity, equity, inclusion, and belonging.
APPRECIATE THE JOURNEY
Celebrate progress. Bring everyone along. Enjoy the ride.
Gallery
 (1).png)
