Staff Application Security Engineer

Summary

The job is for a Staff Application Security Engineer at Starburst, a remote-first company that offers a data lake analytics platform. The role involves building and operating the foundational elements of the Product Security Program, advising and training development teams on secure coding best practices, managing application security tooling, and more.

Requirements

• A strong command of application security fundamentals
• A strong understanding of enterprise software development processes
• Ability to communicate and collaborate with Product and Engineering teams
• Experience building and rolling out new processes
• Experience in Enterprise B2B SaaS
• Experience working directly with customers
• Experience leading and mentoring colleagues and team members

Responsibilities

• Build automations to identify and prevent risks during software development
• Build threat models to identify potential vulnerabilities in architecture and design
• Work with the Product and Engineering organizations to prioritize and remediate vulnerabilities and to design and implement application security controls
• Advise and train development teams on secure coding best practices
• Respond to and investigate security incidents and breaches related to application vulnerabilities
• Manage 3rd party penetration testing
• Manage application security tooling (SCA, SAST, and DAST, etc.)
• Manage a Vulnerability Disclosure Program
• Prepare and present reports on application security status and improvement recommendations to management
• Occasionally work directly with customers

Benefits

• Remote-friendly work options
• Flexible paid time off
• Competitive salaries and attractive stock grants
• Inclusive, diverse culture that drives deep engagement, authentic belonging, and an exceptional All-Star experience