Application Security Engineer

Summary

Join Remote as an Application Security Engineer and make a difference in the global employment space. This fully remote position offers the opportunity to work from anywhere in the world. Key responsibilities include performing vulnerability scans, code reviews, and assisting in vulnerability management. You will need 2-4 years of experience, a Bachelor's degree in a related field, or equivalent experience, and a strong understanding of security vulnerabilities and mitigation strategies. Remote offers competitive compensation and benefits, including flexible paid time off, flexible working hours, 16 weeks of paid parental leave, and more. The application process involves several interviews and a take-home challenge.

Requirements

• From 2 to 4 years of experience
• Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience)
• Good understanding of most common security vulnerabilities (e.g. OWASP Top 10 web, api, mobile and IaC) and general mitigation strategies
• Knowledge of secure coding practices and Secure SDLC
• Experience with security testing tools (SAST, SCA, DAST, etc)
• Basic knowledge of threat modelling
• Experience with Vulnerability Management
• Knowledge of automation of security tools (scripting, playbooks, etc)
• Writes and speaks fluent English
• Excellent communication and interpersonal skills
• Good analytical and problem-solving skills
• Team oriented

Responsibilities

• Perform vulnerability scans and discuss results with teams
• Perform code review (ad-hoc) to identify vulnerabilities
• Assists in vulnerability management process, including assign/modify CVSS score and severity level
• Support identification of potential security risks from a threat model
• Participate in product features design to identify potential security risks
• Investigate and determines the exploitability of a vulnerability, either theorically or with a PoC
• Supports management of CI/CD security tools

Preferred Qualifications

• Experience with offensive testing toolkits (e.g. burp suite, owasp zap)
• Knowledge of tuning appsec testing tools
• Security Certifications
• Experience working remotely
• Experience running a bug bounty program
• Experience working with SIEM solution

Benefits

• Work from anywhere
• Flexible paid time off
• Flexible working hours (we are async )
• 16 weeks paid parental leave
• Mental health support services
• Stock options
• Learning budget
• Home office budget & IT equipment
• Budget for local in-person social events or co-working spaces