Description

Your Role & Mission

The Senior Application Security Engineer will work with product and engineering to create a secure SDLC, design security features and implement tools, education and processes to reduce risk of security issues in the tech stack.

Responsibilities

  • Select or build tooling to help developers build secure code
  • Provide overall security architectural advice to Engineering and IT
  • Manage issues sourced from penetration tests and bug bounty programs 
  •  Participate in the security champions program
  • Help Product, Engineering and IT incorporate security requirements into new products from inception
  • Assist in the creation and maintenance of Security Risk Models for new projects and existing systems

Skills & Competencies

  • 5+ Years of Web Application Security experience
  • Strong experience with vulnerability management, or penetration testing is required.
  • Extensive experience in conducting Architectural Reviews and Threat Models frequently is required. 
  • Strong knowledge of common AppSec issues and tooling (e.g. SCA, SAST, DAST)
  • Strong Linux knowledge is a plus. 
  • Experience with cloud services, ideally GCP is plus. 
  • Strong software development skills ideally in Ruby, Node Secondary
  • Strong Communication and Influencing skills
  • Should have worked in SaaS environment. 
  • Should have extensive knowledge of Open Redirect, OAuth, and CSRF. 
  • Certifications: OSCP/OSWE/CEH: At least 1 Certification is a plus. 

#LI-JM1



Please mention the word **RELIABLY** and tag RMmEwNjoyZWMwOjE6OjEzNw== when applying to show you read the job post completely (#RMmEwNjoyZWMwOjE6OjEzNw==). This is a beta feature to avoid spam applicants. Companies can search these words to find applicants that read this and see they're human.