We are looking for an application security professional to lead our application security program. As an Application Security Engineer, you'll partner with product teams to help improve the security posture and design of both our business and consumer facing products.
You'll be operating in a fast paced, agile environment, reviewing critical sections of code and pen testing high risk endpoints. Combining manual testing, building, and implementing tools to automate vulnerability discovery is one of the highlights of the role.
What you'll do
- Conduct application security design reviews, pentests, and assessments
- Build, prototype, implement, and automate vulnerability discovery and reporting tools
- Validate, risk rank, document, and prioritize remediation for external vulnerability reports and 3rd party security assessments
- Participate in Red Team/ Blue Team exercises
Who you are
- 4+ years in an application security role
- Knowledge of web application vulnerabilities (e.g. OWASP Top 10)
- Proficiency in one or more coding languages (Go, Python, Ruby, Java)
- Capable of practically applying and combining security vulnerabilities, simulating real attacks to help communicate risk to business
- Comfortable operating in a containerized environment in both Windows and Linux systems