Sr. Staff Application Security Engineer
3 months ago
Who We Are
Aurora (Nasdaq: AUR) is delivering the benefits of self-driving technology safely, quickly, and broadly to make transportation safer, increasingly accessible, and more reliable and efficient than ever before. The Aurora Driver is a self-driving system designed to operate multiple vehicle types, from freight-hauling semi-trucks to ride-hailing passenger vehicles, and underpins Aurora Horizon and Aurora Connect, its driver-as-a-service products for trucking and ride-hailing. Aurora is working with industry leaders across the transportation ecosystem, including Toyota, FedEx, Volvo Trucks, PACCAR, Uber, Uber Freight, U.S. Xpress, Werner, Covenant, Schneider, and Ryder. For Aurora's latest news, visit aurora.tech and @aurora_inno on Twitter.
Aurora hires talented people with diverse backgrounds who are ready to help build a transportation ecosystem that will make our roads safer, get crucial goods where they need to go, and make mobility more efficient and accessible for all. Aurora's Product Security team's mission is to discover, mitigate, and prevent security risks in the software, hardware, and services developed by Aurora. Our team is responsible for ensuring the secure design and implementation of the technology built for the Aurora Driver as well as continually improving the assurance levels of security across all of Aurora's Products. This team is also responsible for performing technical security assessments, threat modeling, security code reviews and vulnerability testing to highlight risk and help various engineering teams and partners to improve security. We work closely with engineers across Aurora as well as 3rd party partners to design and proactively integrate initiatives to enhance security across a wide variety of software or hardware domains and technology stacks. We are searching for an experienced Security Engineer with strong application security experience that is excited to lead and improve the overall application security posture for the autonomous vehicle platform to join us on this mission.
In this role, you will
- Perform secure design reviews and threat modeling. Identify and prioritize risks, attack surfaces, and vulnerabilities
- Perform security code reviews of source code changes and advise developers on remediating vulnerabilities and following secure coding practices
- Perform technical security assessments and reviews, research, uncover, and reproduce vulnerabilities, design secure protocols and systems, and write tests and fuzzers to drive architecture changes
- Manage the vulnerability management process and program through triage, prioritization, tracking, remediation, and validation of vulnerabilities from audits, scans and external reports
- Employ techniques including reverse engineering, fuzzing, and static and/or dynamic analysis
- Conduct research to identify new and novel attack vectors against Aurora's products and services
- Review, develop and document secure operational best practices, and provide security guidance for engineers and various internal and external partners
- Develop and manage a secure software development lifecycle
- Develop and manage a bug bounty program
- Research, recommend, and develop security tools and technologies to strengthen defenses against emerging threats and vulnerabilities
- Work with Engineering teams and OEMs to ensure successful security assurance of the Aurora Driver platform and services
- Advocate, guide and mentor both security and non-security engineers to instill security best practices. through secure architecture, design, and development
- Ability and desire to write production-quality code in C++, Golang, or Python
- Foundational knowledge of operating system security for Linux
- Foundational knowledge of the CWE Top 25
- Ability to assess software and/or hardware components with and without full knowledge
- Ability to work well with other assessment members and engineering partners
- Ability to communicate effectively with technical and non-technical audiences
- Experience in one or more of the following: risk assessment, threat modeling, incident and emergency response, OS hardening, vulnerability management, pentesting, offensive security or cryptographic protocols and concepts
- Experience in vulnerability discovery and analysis, design review, and code-level security reviews
- Experience in, and technical knowledge of security engineering, computer and network security, authentication and security protocols, and applied cryptography
- Experience with assessment, development, implementation, and documentation of a comprehensive and broad set of security technologies and processes
- Familiarity with automotive protocols and security standards
- Experience in Security Assurance / Secure-SDLC processes in an agile / waterfall environment
- Experience building and evaluating threat models / risk assessments
- Experience and ability to implement best practices related to cryptographic protocols, infrastructure and network security
- Minimum 8 years of experience in a security-specific or security-adjacent industry
- Minimum 2 years of experience in the robotics or automotive industry or equivalent
- Relevant work experience in offensive security, penetration testing or red teaming
- Experience implementing various Defense in Depth Strategies to address dynamic threats across various software and hardware stacks
- Experience evaluating the security of software, hardware and services
- Foundational knowledge of embedded firmware security and hardware security, preferably in the robotics or automotive space
- Familiarity with cloud security (AWS) and infrastructure-as-code
- Familiarity with Trusted Platform Modules, HSMs, and trusted boot
- A history of giving back to the security industry via open source contributions, published papers, or conference presentations
The base salary range for this position is $254k-$407K per year. Aurora's pay ranges are determined by role, level, and location. Within the range, the successful candidate's starting base pay will be determined based on factors including job-related skills, experience, qualifications, relevant education or training, and market conditions. These ranges may be modified in the future. The successful candidate will also be eligible for an annual bonus, equity compensation, and benefits.
#LI-SP1
#Mid-Senior
Working at Aurora
At Aurora, we bring together extraordinarily talented and experienced people united by the strength of our values. We operate with integrity, set outrageous goals, and build a culture where we win together - all without any jerks.
We have offices in several locations across the United States, where we encourage team and cross-functional collaboration. Aurora offers competitive medical, dental, and vision benefits, and additional healthcare support including medical transportation reimbursement, fertility, adoption, and surrogacy benefits. We empower our employees and their families with options to further their unique physical, mental, and financial well-being.
Our Learning and Development offerings include Aurora Academy, where our people learn, develop, and practice the essential skills that drive Aurora's mission, continually up-leveling our team along the way. Our Careers page provides insight into career opportunities at Aurora, and you can find all the latest news on our Blog.
Safety is central to everything we do. Every employee at Aurora has a role in contributing to safety, every step of the way. We seek candidates who take active responsibility, can contribute to building an atmosphere of trust, and invest in the organization's long-term success by working safely - no matter what.
We believe that self-driving technology has broad benefits - including increased access to transportation. To realize those benefits, we need a workforce with diverse experiences, insights, and perspectives - a workforce that reflects the communities our technology will serve.
Aurora is committed to providing access to anyone who seeks information from our website. We invite anyone using assistive technologies, such as a screen reader or Braille reader, to email us at careersiteaccommodations@aurora.tech if they experience difficulty using our website. Please describe the accessibility problem and include a URL (if available).
Aurora considers candidates without regard to their race, color, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, pregnancy status, parent or caregiver status, ancestry, political affiliation, veteran and/or military status, physical or mental disability, or any other status protected by federal or state law. Aurora considers qualified applicants with criminal histories, consistent with applicable federal, state and local law. We are also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at careersiteaccommodations@aurora.tech.
For California applicants, information collected and processed as part of your application and any job applications you choose to submit is subject to Aurora's California Employment Privacy Policy.
Diversity, Equity and Inclusion
At Aurora, every employee is empowered to take an active role in building an inclusive, collaborative, and unified culture that leverages our diverse strengths, perspectives, and backgrounds.
Transforming how the world moves people and goods involves seeking to understand backgrounds, insights, and lived experiences that differ from our own. One way we accomplish that is with our 15 employee-led Aurora Unified Groups, which support diverse voices and drive inclusive collaboration. We believe that teamwork, belonging, and trust motivate and support our employees to do their best work. As our team grows, we strive to attract and retain exceptional talent that adds new perspectives and experiences and continues to drive innovation. Learn more on our Culture Page.
We are committed to helping qualified military community members leverage their talents in service of our mission. To understand how your military experience aligns with career opportunities at Aurora, review your military job classification at MyNextMove.org and consider applying for open positions corresponding to your identified skills and experiences
-
Sr. Staff Application Security Engineer
5 days ago
Mountain View, CA, United States Aurora Innovation Full timeAurora hires talented people with diverse backgrounds who are ready to help build a transportation ecosystem that will make our roads safer, get crucial goods where they need to go, and make mobility more efficient and accessible for all. Aurora's Product Security team's mission is to discover, mitigate, and prevent security risks in the software, hardware,...
-
Senior Cloud Security Engineer
2 days ago
Mountain View, California, United States Futran Tech Solutions Pvt. Ltd. Full timeJob Title: Sr. Security Operations EngineerFutran Tech Solutions Pvt. Ltd. is seeking a highly skilled Sr. Security Operations Engineer to join our team. As a key member of our security operations team, you will be responsible for ensuring the security and compliance of our cloud-based applications and infrastructure.Key Responsibilities:Engage with...
-
Lead Security Engineer, Applications
20 hours ago
Mountain View, California, United States BetterHelp Full timeAbout the RoleWe are seeking a highly skilled Lead Security Engineer, Applications to join our team at BetterHelp. As a key member of our Application Security Team, you will be responsible for leading the development and implementation of secure coding practices, conducting vulnerability assessments, and collaborating with cross-functional teams to ensure...
-
Security Systems Applications Engineer
4 weeks ago
Mountain View, California, United States Securify Full timeJob OverviewPosition: Security Systems Applications EngineerCompany: SecurifyLocation: Mountain View, CAEmployment Type: Full-Time with BenefitsSalary Range: $105,000 to $138,000 annually Role SummaryWe are in search of a skilled Security Systems Applications Engineer to enhance our team. The successful candidate will possess a minimum of five years of...
-
Application Security Manager
4 weeks ago
Mountain View, California, United States Samsung Electronics Perú Full timePosition OverviewKey ResponsibilitiesAs the Lead Application Security Engineer, you will oversee the application security initiatives and provide strategic guidance to the security team. You will play a crucial role in establishing organization-wide application security standards, addressing intricate security challenges, and engaging in technical...
-
Application Security Manager
4 weeks ago
Mountain View, California, United States Samsung Electronics Perú Full timePosition OverviewRole and ResponsibilitiesAs the Application Security Lead, you will spearhead the application security initiative, providing expert guidance to the security team. Your role is pivotal in establishing organization-wide application security protocols, addressing intricate security challenges, and engaging in technical discussions with software...
-
Application Security Manager
4 weeks ago
Mountain View, California, United States Samsung Electronics Perú Full timePosition OverviewKey Duties and ResponsibilitiesAs the Application Security Lead, you will spearhead the application security initiative and provide strategic guidance to the security team. Your role will involve establishing organization-wide application security standards, addressing intricate security challenges, and engaging in technical discussions with...
-
Application Security Manager
4 weeks ago
Mountain View, California, United States Samsung Electronics Perú Full timePosition OverviewKey ResponsibilitiesAs the Application Security Lead, you will spearhead the application security initiative, providing strategic guidance to the security team. Your role will involve shaping best practices for application security across the organization, addressing intricate security challenges, and engaging in technical discussions with...
-
Application Security Specialist
4 weeks ago
Mountain View, California, United States Samsung Ads Full timeApplication Security SpecialistSamsung Ads is dedicated to facilitating connections between brands and Samsung audiences across various devices. As a global organization, our Architects engage in intricate projects alongside stakeholders and teams worldwide.Our mission is to provide exceptional outcomes for our clients. Samsung Ads innovatively reshapes the...
-
Sr. Site Reliability Engineer
2 weeks ago
Mountain View, United States Bonfy.AI Full timeSr. SRE Engineer At Bonfy.AI, we're working behind the scenes on game-changing innovations to make AI trustworthy. Position Overview: Bonfy.AI is looking for a curious, intelligent Security / SRE / DevOps Engineer with experience in at least two of the mentioned domains which can automate company engineering processes to perfection yet not hesitate to say no...
-
Sr. Site Reliability Engineer
3 weeks ago
Mountain View, United States Bonfy.AI Full timeSr. SRE Engineer At Bonfy.AI, we're working behind the scenes on game-changing innovations to make AI trustworthy. Position Overview: Bonfy.AI is looking for a curious, intelligent Security / SRE / DevOps Engineer with experience in at least two of the mentioned domains which can automate company engineering processes to perfection yet not hesitate to say...
-
Sr. Site Reliability Engineer
2 weeks ago
Mountain View, United States Bonfy.AI Full timeSr. SRE EngineerIf your skills, experience, and qualifications match those in this job overview, do not delay your application.At Bonfy.AI, we're working behind the scenes on game-changing innovations to make AI trustworthy.Position Overview:Bonfy.AI is looking for a curious, intelligent Security / SRE / DevOps Engineer with experience in at least two of the...
-
Application Security Team Lead
4 weeks ago
Mountain View, California, United States Samsung Ads Full timeApplication Security Team LeadSamsung Ads is dedicated to empowering brands to engage with Samsung audiences across various platforms. As a global entity, our Architects collaborate on intricate projects with stakeholders and teams situated worldwide.Our mission is to achieve exceptional outcomes for our clients. Samsung Ads revolutionizes the advertising...
-
Physical Security Applications Engineer
4 months ago
Mountain View, United States Securify Full timeJob DescriptionJob DescriptionJob Title: Physical Security Application EngineerCompany: SecurifyLocation: Mountain View, CAEmployment Type: Full-Time with BenefitsCompensation: $105,000 to $138,000 per year Physical Security Systems EngineerWe seek an experienced Security Application Engineer to join our team. The ideal candidate will have at least five...
-
Senior Staff Security Engineer
7 days ago
Mountain View, California, United States Aurora Full timeAbout the RoleAurora is seeking a highly skilled Senior Staff Security Engineer to lead the design and implementation of our Detection and Response strategy across our enterprise, cloud, and vehicle environments.Key ResponsibilitiesLead security investigations and incident retrospectives to identify and mitigate potential threats.Develop and implement...
-
Lead Security Engineer, Applications
7 days ago
Mountain View, California, United States BetterHelp Full timeAbout BetterHelpBetterHelp is a leading online therapy service that aims to make mental health care more accessible to everyone. With a network of over 30,000 licensed therapists, we provide affordable and convenient therapy in 210 countries and over 60 languages.Job SummaryWe are seeking a motivated Application Security Engineer to join our team. As a key...
-
Sr. Electrical Design Engineer
2 months ago
Mountain View, United States Reliable Robotics Corporation Full timeWe're building safety-enhancing technology for aviation that will save lives. Automated aviation systems will enable a future where air transportation is safer, more convenient and fundamentally transformative to the way goods — and eventually people — move around the planet. We are a team of mission-driven engineers with experience across aerospace,...
-
Senior Staff Security Engineer
2 days ago
Mountain View, California, United States Aurora Full timeAbout the RoleAurora is seeking a highly skilled Senior Staff Security Engineer to lead the design and implementation of our Detection and Response strategy across our enterprise, cloud, and vehicle environments.Key ResponsibilitiesLead security investigations and incident retrospectives to identify and mitigate potential threats.Develop and implement...
-
Senior Staff Security Engineer
4 months ago
Mountain View, United States Aurora Full timeWho We Are Aurora hires talented people with diverse backgrounds who are ready to help build a transportation ecosystem that will make our roads safer, get crucial goods where they need to go, and make mobility more efficient and accessible for all. We’re searching for a Senior Staff Security Engineer - Detection and Response In this role, you will...
-
Sr. Software Engineer
4 days ago
Mountain View, United States Robert Half Full timeJob DescriptionJob DescriptionWe are offering a contract to permanent employment opportunity for a Sr. Software Engineer in Mountain View, California. In this role, you will be developing an online application for our medium-sized company, utilizing full-stack skills with a focus on React.js for front-end development and Node.js for the back-end. The...
