Senior Application Security Engineer
We are looking for an information security professional to lead my clients application security program.
As a Senior Application Security Engineer, you’ll partner with product teams to help improve the security posture and design of both our enterprise and consumer-facing products.
You'll be part of a team developing a modern AppSec program with a highly automated approach to security coupled with a collaborative approach to working with Engineering partners.
You’ll be operating in a fast paced, agile environment, with a goal of making security a key part of the product. It is a great opportunity to apply your years of AppSec experience in making products secure by default. As a foundational member of this team, you will have a huge impact on the product roadmap, and in building a trusting relationship with the engineering community.
What you'll do
* Provide security guidance to engineering teams on new products and technologies
* Taking ownership and driving the application security and privacy initiatives
* Perform threat modeling and architecture review on upcoming features and products
* Perform regular security assessments through penetration testing and code reviews of products
* Encourage and train developers in secure coding practices
* Develop security features in our product and scale security tools and processes through automation
* Protect from bot attacks by tuning our edge protection and implementing app level protections
* Continuously improve the Application Security Program and actively take part influencing its roadmap
Who you are
* You’ve worked in an AppSec role and have a solid understanding of security fundamentals
* You’re proficient in one or more coding languages (Python, C#, Go) i.e you can code and perform security code reviews
* You’re experienced in working with highly technical engineering teams
* You have performed threat modeling and architectural review for years
* You like bug hunting and penetration testing (bonus points if you share your Bugcrowd/HackerOne profiles)
* Experience in AWS is a plus
* Experienced contributing to the security community (public research, blogging, presentations, etc.)
Perks
* Equity stake in a well-funded growth stage company
* Flexible work environment, allowing you to work as many days a week in the office as you’d like or 100% remotely
* A WFH stipend to support your home office setup
* Benefits package that supports health and dental. We also provide annual subscriptions to Headspace
* Pension
* Life Insurance