Staff Security Engineer, AppSec
August 30
🏢 In-office - San Francisco
Description
• Lead the development of comprehensive threat models for new and existing products. • Establish and manage a vulnerability management lifecycle for applications. • Design and implement application security programs focused on secure coding practices. • Partner with product and engineering teams to integrate security requirements. • Conduct regular security assessments of applications and infrastructure. • Support the incident response team in application-related security incidents. • Mentor engineering teams on security best practices. • Drive the adoption of security automation.
Requirements
• Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field, or equivalent experience. • 8+ years of experience in application security, preferably within a SaaS environment. • Strong proficiency in threat modeling, secure coding practices, vulnerability management, and incident response. • Hands-on experience with security tools such as static/dynamic analysis tools (SAST, DAST), penetration testing tools, and CI/CD pipeline integration. • Familiarity with modern programming languages (e.g., Python, JavaScript, Go) and cloud platforms (e.g., AWS, GCP, Azure). • Industry certifications such as CISSP, OSCP, or CEH are a plus.
Benefits
• Required to work on-site 3 days a week (Tuesday, Wednesday, Thursday). • Managers may require additional on-site days.
Apply Now
