
Application Security (AppSec) Engineer

Overview

Zapier is hiring an Application Security (AppSec) Engineer to join their Security team, focusing on democratizing automation while ensuring security and privacy.

Job Description

Zapier is a platform that helps millions of businesses globally scale with automation and AI. Their mission is to make automation work for everyone by delivering products that delight customers.

Responsibilities

  • Shape security practices across development teams
  • Empower teams to build and ship secure products
  • Own critical security services protecting sensitive data at scale
  • Develop core security infrastructure services focusing on key management, encryption, and authentication
  • Build robust distributed systems leveraging Redis, PostgreSQL, and AWS services
  • Maintain high code quality standards through comprehensive testing, monitoring, and documentation
  • Design and operate scalable processes and build paved-path tooling that enable engineers to ship secure products
  • Partner with development teams to conduct design reviews and threat modeling sessions
  • Support public bug bounty program and leverage application testing tools (SAST, SCA) to identify, triage, and drive remediation of vulnerabilities
  • Work closely with various other Security teams and partner with engineering teams to provide general ad hoc security support and technical/operational guidance

Required Skills

  • Strong Python backend development expertise
  • Experience building and maintaining production services
  • Hands-on experience with Redis and PostgreSQL
  • Proficiency with distributed systems and cloud platforms (AWS)
  • Strong understanding of cryptographic principles
  • Knowledge of authentication mechanisms, authentication/authorization patterns, and secure key management practices
  • Experience with security architecture and threat modeling
  • Strong written and verbal communication skills
  • Ability to balance security requirements with operational or business needs
  • Understanding of secure development lifecycle and secure coding practices
  • Knowledge of common web/API vulnerabilities and mitigations (e.g. OWASP Top 10)
  • Collaboration skills and adaptability in fast-growing companies

Benefits

  • Offers Equity
  • Offers Bonus
  • Remote work flexibility
  • Competitive and equitable compensation practices

About the company

Zapier puts the power of automation in your hands—no coding required. Take your workflows to the next level with our suite of automation tools.

