over 1 year ago
San Francisco, CA, USA or New York, NY, USASenior
Base Salary
$170k - $220k/yr
Responsibilities
- Conduct systematic threat modeling to identify risks and propose mitigations.
- Perform in-depth security architecture reviews for applications and microservices.
- Collaborate with engineering teams to conduct code reviews and identify vulnerabilities.
- Integrate SAST and DAST into CI/CD pipelines for automated security detection.
- Analyze testing reports and guide teams on remediation strategies.
- Perform or coordinate targeted penetration tests on critical applications.
- Document findings and partner with engineers for sustainable fixes.
- Advise on encryption mechanisms to safeguard data.
- Oversee secure key management and cryptographic protocols.
- Develop and deliver training on secure coding and OWASP principles.
- Investigate and document application-focused security incidents.
- Maintain and refine incident response playbooks.
- Align AppSec practices with PCI DSS, SOC 2, and relevant frameworks.
- Work closely with Risk, Fraud, and Compliance teams.
Requirements
- 5+ years in cybersecurity focused on Application Security.
- Hands-on coding experience with modern development stacks.
- Proficiency with SAST/DAST tools and threat modeling methodologies.
- Knowledge of cryptography concepts and cloud security services.
- Excellent communication and collaboration skills.
Benefits
- Competitive compensation and equity packages.
- Leading configured work computers of your choice.
- Flexible paid time off.
- Fully covered, high-quality healthcare including dependent coverage.
- Access to One Medical and option to enroll in an FSA.
- 20 weeks of paid parental leave for primary caregivers and 8 weeks for all new parents.
- Access to industry-leading technology to foster innovation and productivity.
Tech Stack
AWSAzureGoogle Cloud Platform