Lead Application Security Engineer

Summary

The Lead Application Security Engineer will be responsible for building and managing the AppSec program at Apollo.io, interacting with engineering to create a secure SDLC, and implementing tools, education, and processes to reduce risk of security issues in the tech stack.

Requirements

• 7+ years of development with some security experience in the AppSec domain
• Strong Linux knowledge
• Strong software development skills ideally in Ruby or similar languages
• Ability to influence others
• Knowledge of common AppSec issues and tooling

Responsibilities

• Own all aspects of the secure SDLC
• Select or build tooling to help developers build secure code
• Provide overall security architectural advice to Engineering and IT
• Manage issues sourced from penetration tests and bug bounty programs
• Manage security champions program
• Help Product, Engineering and IT incorporate security requirements into new products from inception
• Assist in the creation and maintenance of Security Risk Models for new projects and existing systems

Preferred Qualifications

• Experience with cloud services, ideally GCP
• Experience with vulnerability management, or pentesting is a plus

Benefits

• Great compensation package
• Culture that thrives in openness and excellence
• Investment in developing remote employees’ careers
• Empowered to own your role as a proactive educator
• Collaborative environment, able to lean on teammates for support
• Encouraged to experiment and take educated risks that lead to big wins