Security Engineer, Application Security
Asana
6 months ago
Warsaw, Poland
Senior
H1B Sponsor
Responsibilities
- Conduct security architecture reviews and penetration testing for new features and services.
- Test software for application security vulnerabilities using various methodologies.
- Triage and investigate vulnerabilities from bug bounty programs and internal tests.
- Influence engineering initiatives by communicating security constraints.
- Investigate product security incidents as a subject matter expert.
- Develop and deliver training on secure coding best practices.
- Stay informed of industry trends and emerging threats.
- Collaborate with stakeholders to develop risk management strategies.
Requirements
- 5+ years of experience in application security or software engineering with a security focus.
- Strong software engineering background with experience in Python, Javascript/Typescript, or Scala.
- Deep knowledge of the OWASP Top 10 and common web application vulnerabilities.
- Experience with security tools for static/dynamic analysis and vulnerability management.
- Proven experience in security design reviews and threat modeling.
- Excellent communication skills for collaboration with technical and non-technical partners.
- A pragmatic mindset with a passion for building defenses against real-world attacks.
- Curiosity about AI tools and emerging technologies.
Benefits
- Generous and transparent compensation system including Restricted Stock Units.
- Health insurance with dental and travel coverage.
- Lunch catering on in-office workdays.
- Career growth budget and home office setup budget.
- Gym/Fitness reimbursement.
- Fertility healthcare and family-forming support.
- Mental health support.
- Group life insurance.
- MacBooks with necessary accessories.
Tech Stack
JavaScriptPythonScalaTypeScript
Categories
Security