about 10 hours ago
Remote, WorldwideMid Level / Senior
Responsibilities
- Identify and close gaps in application security and vulnerability management.
- Conduct threat modeling, secure design reviews, and code reviews.
- Partner with engineering teams to provide product-focused security expertise.
- Mature security practices in a developer-first environment.
- Prioritize security efforts by distinguishing between theoretical and material business risks.
- Improve security posture through tooling, automation, and developer-friendly guardrails.
- Support security incident response and participate in on-call rotations.
- Manage and mature bug bounty and vulnerability disclosure processes.
Requirements
- Strong experience in product security, application security, or security engineering.
- Comfortable working with cloud-native, developer tools, SaaS, or infrastructure products.
- Ability to communicate clearly with both technical and non-technical audiences.
- Deep understanding of application security fundamentals, including auth and APIs.
- Experience with vulnerability triage, bug bounty programs, or security incident response.
- Willingness to participate in security on-call rotation.
- Experience with or interest in Postgres, Kubernetes, or building security guardrails.
Benefits
- Fully remote work with a WeWork membership or co-working allowance.
- Equity ownership (ESOP) for all team members.
- Tech allowance for setting up an ideal work environment.
- 100% health insurance coverage for employees and 80% for dependents.
- Annual off-sites for team connection and collaboration.
- Flexible work hours with an asynchronous operation.
- Annual education allowance for professional development.