Senior Application Security Engineer
To see similar active jobs please follow this link: Remote Development jobs
Your Role & Mission
The Senior Application Security Engineer will work with product and engineering to create a secure SDLC, design security features and implement tools, education and processes to reduce risk of security issues in the tech stack.
Responsibilities
Select or build tooling to help developers build secure code
Provide overall security architectural advice to Engineering and IT
Manage issues sourced from penetration tests and bug bounty programs
Participate in the security champions program
Help Product, Engineering and IT incorporate security requirements into new products from inception
Assist in the creation and maintenance of Security Risk Models for new projects and existing systems
Skills & Competencies
5+ Years of Web Application Security experience
Strong experience with vulnerability management, or penetration testing is required.
Extensive experience in conducting Architectural Reviews and Threat Models frequently is required.
Strong knowledge of common AppSec issues and tooling (e.g. SCA, SAST, DAST)
Strong Linux knowledge is a plus.
Experience with cloud services, ideally GCP is plus.
Strong software development skills ideally in Ruby, Node Secondary
Strong Communication and Influencing skills
Should have worked in SaaS environment.
Should have extensive knowledge of Open Redirect, OAuth, and CSRF.
Certifications: OSCP/OSWE/CEH: At least 1 Certification is a plus.
#LI-JM1
Senior Application Security Engineer
To see similar active jobs please follow this link: Remote Development jobs
Your Role & Mission
The Senior Application Security Engineer will work with product and engineering to create a secure SDLC, design security features and implement tools, education and processes to reduce risk of security issues in the tech stack.
Responsibilities
Select or build tooling to help developers build secure code
Provide overall security architectural advice to Engineering and IT
Manage issues sourced from penetration tests and bug bounty programs
Participate in the security champions program
Help Product, Engineering and IT incorporate security requirements into new products from inception
Assist in the creation and maintenance of Security Risk Models for new projects and existing systems
Skills & Competencies
5+ Years of Web Application Security experience
Strong experience with vulnerability management, or penetration testing is required.
Extensive experience in conducting Architectural Reviews and Threat Models frequently is required.
Strong knowledge of common AppSec issues and tooling (e.g. SCA, SAST, DAST)
Strong Linux knowledge is a plus.
Experience with cloud services, ideally GCP is plus.
Strong software development skills ideally in Ruby, Node Secondary
Strong Communication and Influencing skills
Should have worked in SaaS environment.
Should have extensive knowledge of Open Redirect, OAuth, and CSRF.
Certifications: OSCP/OSWE/CEH: At least 1 Certification is a plus.
#LI-JM1