About the job
As a Senior Application Security Engineer, you will play a crucial role in enabling developers to build secure applications for my client. You will work in lockstep with the engineering team to establish secure-by-default practices on widely adopted platforms. You will provide critical application security operational services, such as security reviews, developer security education, and product security incident response. You have an incredible opportunity to leverage the robust product suite, including Logs, Dashboards, Service Catalog, and Application Performance Monitoring (APM), to not only build out security services but also collaborate with engineers who champion strong security and reliability ownership. This role offers a unique opportunity to significantly shape security practices across my clients rapidly evolving platforms.
What You’ll Do:
- Get a deep understanding of the software development life cycle, software supply chain, build pipelines, delivery mechanisms, and configuration management
- Lead the development and implementation of secure-by-default solutions across various applications and platforms
- Conduct threat modeling on new and existing products with engineering teams using frameworks such as STRIDE
- Design and lead developer security training to enhance design and coding best practices
- Work with engineering teams to align new features to achieve world-class security.
- Identify top company threats across products and services and prioritize remediation efforts
- Empathize with the full spectrum of our customers and our engineers by advocating for effective solutions that scale with the needs of our business and our customers.
- Serve as a subject matter expert for other teams regarding building, delivering, and deploying code.
- Provide mentorship and guidance to team members and foster a positive team culture.
Who You Are:
- Background in Application Security - OWASP Top 10, XSS, injection, access control, cryptography, static analysis security testing (SAST), dynamic analysis security testing (DAST), security libraries
- Background in software engineering or development in a collaborative environment. Go, Python are preferred.
- Can lead the development and implementation of secure-by-default solutions across various applications and platforms. Has experience implementing secure by default framework, libraries, and solutions
- Can perform secure design reviews and threat models with staff engineers and architects on complex systems
- Have empathy, collaboration skills, and a learning mindset to work cross-functionally with engineers of all levels from product and platform teams company wide
- Acts as an effective mentor in fostering the growth of teammates. You actively promote a positive team culture and are dedicated to the ongoing development and success of your peers.
- Proven track record of driving security initiatives with leadership and engineering buy-in
Benefits and Growth:
- New hire stock equity (RSUs) and employee stock purchase plan (ESPP)
- Continuous professional development, product training, and career pathing
- Intradepartmental mentor and buddy program for in-house networking
- Access to Inclusion Talks, our internal and external panel discussions
- Free, global mental health benefits for employees and dependents age 6+
- Competitive global benefits