What Youโll Do
On this team, you will:
- You'll unravel and tackle application security challenges at an exhilarating scale.
- You'll collaborate with exceptional engineers developing cutting-edge applications and platforms
- You'll enjoy the freedom and support to experiment, innovate, and significantly shape our approach to securing applications
โ
In this role, you will:
- Conducting architecture reviews, security assessments, and code reviews to proactively identify and fix vulnerabilities in our applications
- Developing robust, repeatable frameworks for application security that make it easy for teams to build securely from day one
- Collaborating closely with development teams to integrate security seamlessly into their CI/CD pipelines
- Crafting clear, practical security guidance and documentation that empowers developers
- Actively participating in architectural discussions and providing insightful security recommendations
- Occasionally, 'drawing the owl' - figuring out innovative solutions while navigating ambiguous situations
โ
Investing in our people is one of our top priorities, and we value candidates who can bring their diversified experiences to our teams. Here are some qualities weโve found compatible with our team. We'd love to talk about whether this aligns with your experience and interests and what youโre excited to work on next.
โ
โ
Who You Are
Minimum Qualifications
- At least 3 years of experience directly focused on securing the software lifecycle
- Strong skills in application architecture, secure coding reviews, and threat modeling
- Solid experience developing secure applications or security tooling in Go, Python, or similar modern languages
- Proven experience collaborating with developers to implement secure coding practices.
- Excellent ability to negotiate and reach consensus with developers and fellow security practitioners, as well as excellent documentation skills
- Familiarity with modern development environments, containers, microservices, and CI/CD pipelines
โ
Preferred Qualifications
- Hands-on experience with Kubernetes security, especially as it relates to being a YAML engineer
- Familiarity with SAST/DAST and other automated application security testing tools
- Deep understanding of cloud-native security challenges and solutions
โ
