Base Salary
$190k - $273k/yr
Responsibilities
- Own and improve the secure software development lifecycle for Apollo applications.
- Perform application security reviews and threat modeling for high-impact features.
- Provide security architecture guidance to Engineering, Product, and IT teams.
- Drive vulnerability management across internal reviews and bug bounty programs.
- Read code to explain root causes and propose safe fixes for vulnerabilities.
- Perform hands-on validation and offensive security testing of applications.
- Configure and improve AppSec tooling and integrations.
- Support security enablement for engineers and provide actionable remediation guidance.
- Produce documentation and metrics to enhance AppSec visibility.
Requirements
- 5+ years of software engineering or application security experience.
- Strong software development skills, particularly in Ruby and Python.
- Familiarity with Linux and cloud environments, ideally GCP.
- Deep knowledge of common AppSec issues and secure design patterns.
- Experience in deep code review and penetration testing.
- Ability to handle findings from bug bounty and automated security tooling.
- Experience with AI-assisted tools and automations.
- Strong communication and stakeholder management skills.
Benefits
- Equity and company bonus opportunities.
- 401(k) plan with company matching.
- At least 10 paid holidays and flexible PTO.
- Parental leave and employee assistance programs.
- Comprehensive medical, dental, and vision benefits.