Application Security Engineer

Summary

Join Fingerprint as a Senior Application Security Engineer and play a pivotal role in ensuring security is integrated throughout the software development lifecycle. You will provide guidance on secure coding practices, conduct security reviews, own threat modeling, integrate security tools into the DevOps pipeline, and assist in incident response. The ideal candidate has 5+ years of experience as an Application Security Engineer, proficiency in multiple programming languages, experience with cloud technologies, and knowledge of secure coding practices and security tools. Excellent communication and collaboration skills are essential. Fingerprint is a globally dispersed, 100% remote company with a strong open-source focus.

Requirements

• 5+ years of experience as an Application Security Engineer
• Proficiency in multiple programming languages with an understanding of the intricacies and potential security flaws
• Experience with cloud technologies
• Knowledge of secure coding practices
• Proficiency with security tools and technologies - static/dynamic analysis tools, penetration testing tools, knowledge of firewalls, intrusion detection systems and encryption
• Excellent communication and collaboration skills. Must be able to articulate complex security concepts to engineers and other stakeholders in a simple, understandable way
• Ability to write clear and concise security reports and presenting findings to both technical and non-technical audiences
• Ability to work effectively as a team with engineers, respect different perspectives and collaborate towards a common goal with business priorities in mind
• Problem solving and critical thinking skills. Deep understanding of the problem space and a systematic approach to problem solving is a must
• Ability to critically evaluate the security of a system, assess the impact of potential vulnerabilities and consequences of different security decisions

Responsibilities

• Provide guidance to engineers on secure coding practices, participate in coding reviews to identify any potential security vulnerabilities, and advise on remediation strategies
• Conduct security reviews to evaluate applications for potential vulnerabilities
• Own threat modeling - Understand the application’s architecture, identifying potential attack vectors and devising strategies to mitigate these threats
• Integrate security tools and processes into the DevOps pipeline
• Assist in response and recovery in the event of a security incident or breach
• Raise awareness about application security within the organization

Preferred Qualifications

• Bachelor's degree in Computer Science, Engineering, or a related technical field
• Familiarity with application security frameworks and standards like NIST, CIS, CSA ,etc
• Experience in a fast paced startup environment
• Golang experience
• Experience with AWS technologies