Remote Senior Application Security Engineer

Summary

Join theScore team as a Senior Application Security Engineer and contribute to building the best sports apps in the world! Collaborate with cross-functional teams, develop security standards, and implement secure artifact workflows. Work on complex security problems and grow your expertise.

Requirements

• 5+ years of Application Security or DevOps experience
• 5+ years of GCP or AWS experience
• Experience with software supply chain security (SBOMs, Artifact Signing, Attestations)
• Programming experience in Python or Go
• Experience with implementing security tooling in CI/CD
• Experience creating complex CI/CD workflows (building for multiple architectures, local caching, making automated source code changes based on workflow output)
• Experience supporting RESTful APIs and securing containerized workloads (GKE, EKS)
• Experience working in regulated environments (PCI-DSS, SOC 2, etc.)
• Experience leading technical projects and seeing them through to completion
• Excellent communication skills and a history of working well with other teams

Responsibilities

• Collaborate with release and change management, SRE, Engineering, and compliance teams
• Work with security/internal/external/state auditors to demonstrate compliance
• Maintain a working knowledge of OWASP top 10 and MITRE top 25 CWE
• Develop standards for security tooling focused on the application layer (SAST, DAST, SCA, MAST, RASP)
• Build/implement secure artifact workflows in the SDLC to ensure governance and compliance standards are being met
• Create technical approaches to implementing Application Security control technologies
• Contribute to theScore’s Application Security program to support our continued growth
• Define and report on security metrics, their delivery, and improvements
• Work with service teams to conduct threat models of theScore’s internal and customer facing applications
• Assist service teams in understanding and remediating security findings (code bashing)

Benefits

• Competitive compensation package
• Fun, relaxed work environment
• Education and conference reimbursements
• Parental leave