Application Security Engineer

We'll need you to understand our applications, identify potential vulnerabilities, propose, design and implement solutions that will lower the overall risk. These solutions will often come as small programs we develop in-house, or implementations of third-party tools that require some glue code to work with our software build pipelines. What you'll do Implement open source tools to increase the security of our applications. Communicate with developers to help them deliver secure software. Implement libraries and APIs that developers from all the company will use to solve complex security issues such as encryption, authentication and authorization. Design training materials, best practices documentation and communicate these inside the company. Identify vulnerabilities in existing software via source code review or threat models. What you'll need Bachelor's degree in Computer Science, Computer Engineering or equivalent experience. At least three years experience in application security. Be able to explain all of the OWASP Top10 risks in detail. Solid knowledge in at least one programming language. We work mostly with Python and Go. More about you Automation is key to scaling. We look for engineers that have a history of proposing, designing and executing automation projects in order to get rid of any manual and repetitive tasks. Long-term focus. Improving the security of our applications requires us to build strong foundations and think about the long term impact of our actions. Humans > Code. Strong relationships with development teams is key to a successful application security program, we need professionals which can explain complex problems in simple terms and engage in valuable conversations with development teams every time they can. Bleeding edge. You are curious and like to study new technologies, test new solutions and measure the impact brought by changes. We want to ensure we are using the best stack possible