Senior Application Security Engineer
8 hours ago
The Senior Application Security Engineer is instrumental in ensuring Peloton's applications, services and systems are implemented and secured with industry standard processes. The candidate will help define and mature the application security program, security policy and standards and will coordinate with engineering and platform partners to ensure the security bar is upheld. The candidate will work with multiple and diverse teams across Peloton including, but not limited to Product, Platform, and Ecommerce Engineering, Legal, Enterprise IT Operations and Security Response. They will coordinate the actions of each and ensure collectively we are working as "one Peloton" to protect our members and the team.
The role plays a critical function in constantly evolving Peloton's risk assessment and security review capabilities, ensuring the underlying data related to security defects is used to constantly improve the security of Peloton's products and services. The ideal candidate is a proven engineer that has both exemplary engineering and interpersonal skills. They have extensive experience collaborating with internal engineering partners. They are a proven security technology and methodology expert that scales through enabling other engineering partners to make the right security design decisions and trade-offs.
YOUR DAILY IMPACT AT PELOTON
- Security Design Reviews/threat models: Ensure security guarantees are integrated into products by conducting thorough reviews of design and implementations.
- Developer Guidance: Provide guidance and education to engineering and product teams on available security controls and their appropriate use to help prevent vulnerabilities.
- Collaboration with Engineering Teams: Partner closely with product and engineering teams to design solutions that are secure by default.
- Expertise in Web and Mobile Security: Serve as a trusted advisor, offering web and mobile security expertise to enable engineering and product teams to make informed, confident decisions.
- Automated Analysis and Secure Frameworks: Scale security efforts by integrating automation for the identification, prioritization, and remediation of vulnerabilities. Empower engineering teams through automation, security guidance, tooling, patterns, and training to scale security practices across the organization.
YOU BRING TO PELOTON
- 4+ years of application security experience
- 2+ years experience with understanding devsecops pipelines
- 3+ years experience with software development preferred but not required
- Has proven experience in security automation, DevSecOps, SRE, or a similar role.
- Working knowledge of one or more general purpose programming/script languages, preferably Python
- Contributions to the security community (public research, blogging, presentations, bug bounty, etc.) would be a plus
- Has a solid understanding of cybersecurity threats, vulnerabilities, and mitigations.
- Has excellent problem-solving skills, with the ability to work independently and handle multiple tasks.
- Experience writing software that enables security processes
- Breadth of applied knowledge across application and infrastructure security
- Facilitate high impact, cross-team security initiatives
- The capability to establish clear next steps when facing uncertain situations without clear lines of ownership
- An ability to think creatively and holistically about reducing risk in a complex environment
- Demonstrates a focused approach, consistently achieving measurable improvements to the security posture of applications and systems.
- Exceptional ability to build relationships across diverse multi-functional teams.
- Exceptional written/oral communication skills.
- Exceptional bias for action and ownership.
#LI-AC1
#LI-Hybrid
The base salary range represents the low and high end of the anticipated salary range for this position based at our New York City headquarters. The actual base salary offered for this position will depend on numerous factors including individual performance, business objectives, and if the location for the job changes. Our base salary is just one component of Peloton's competitive total rewards strategy that also includes annual equity awards and an Employee Stock Purchase Plan as well as other region-specific health and welfare benefits.
As an organization, one of our top priorities is to maintain the health and wellbeing for our employees and their family. To achieve this goal, we offer robust and comprehensive benefits including:
- Medical, dental and vision insurance
- Generous paid time off policy
- Short-term and long-term disability
- Access to mental health services
- 401k, tuition reimbursement and student loan paydown plans
- Employee Stock Purchase Plan
- Fertility and adoption support and up to 18 weeks of paid parental leave
- Child care and family care discounts
- Free access to Peloton Digital App and apparel and product discounts
- Commuter benefits and Citi Bike Discount
- Pet insurance and so much more
Base Salary Range
$168,426-$227,374 USD
ABOUT PELOTON:
Peloton (NASDAQ: PTON), provides Members with expert instruction, and world class content to create impactful and entertaining workout experiences for anyone, anywhere and at any stage in their fitness journey. At home, outdoors, traveling, or at the gym, Peloton brings together immersive classes, cutting-edge technology and hardware, and the Peloton App with multiple tiers to personalize the Peloton experience [with or without equipment]. Founded in 2012 and headquartered in New York City, Peloton has millions of Members across the US, UK, Canada, Germany, Australia, and Austria. For more information, visit www.onepeloton.com.
At Peloton, we motivate the world to live better. "Together We Go Far" means that we are greater than the sum of our parts, stronger collectively when each one of us is at our best. By combining hardware, software, content, retail, apparel, manufacturing, Member support, and so much more, we deliver an exhilarating fitness experience that unlocks our members' greatness. Join our team to unlock yours.
Peloton is an equal opportunity employer and complies with all applicable federal, state, and local fair employment practices laws. Equal employment opportunity has been, and will continue to be, a fundamental principle at Peloton, where all team members, applicants, and other covered persons are considered on the basis of their personal capabilities and qualifications without discrimination because of race, color, religion, sex, age, national origin, disability, pregnancy, genetic information, military or veteran status, sexual orientation, gender identity or expression, marital and civil partnership/union status, alienage or citizenship status, creed, genetic predisposition or carrier status, unemployment status, familial status, domestic violence, sexual violence or stalking victim status, caregiver status, or any other protected characteristic as established by applicable law. This policy of equal employment opportunity applies to all practices and procedures relating to recruitment and hiring, compensation, benefits, termination, and all other terms and conditions of employment. If you would like to request any accommodations from application through to interview, please email: applicantaccommodations@onepeloton.com
Please be aware that fictitious job openings, consulting engagements, solicitations, or employment offers may be circulated on the Internet in an attempt to obtain privileged information, or to induce you to pay a fee for services related to recruitment or training. Peloton does NOT charge any application, processing, or training fee at any stage of the recruitment or hiring process. All genuine job openings will be posted here on our careers page and all communications from the Peloton recruiting team and/or hiring managers will be from an @onepeloton.com email address.
If you have any doubts about the authenticity of an email, letter or telephone communication purportedly from, for, or on behalf of Peloton, please email applicantaccommodations@onepeloton.com before taking any further action in relation to the correspondence.
Peloton does not accept unsolicited agency resumes. Agencies should not forward resumes to our jobs alias, Peloton employees or any other organization location. Peloton is not responsible for any agency fees related to unsolicited resumes.
-
Senior Application Security Engineer
2 months ago
New York, United States Emergent365 Full timeSenior Application Security Engineer*This position is highly technical. As a Senior Application Security Engineer, your role involves close collaboration with software development teams to ensure the safety of our customers during the development of innovative services. On any given day, your tasks may include code inspections to identify security issues,...
-
Senior Application Security Engineer
2 months ago
new york city, United States Emergent365 Full timeSenior Application Security Engineer*This position is highly technical. As a Senior Application Security Engineer, your role involves close collaboration with software development teams to ensure the safety of our customers during the development of innovative services. On any given day, your tasks may include code inspections to identify security issues,...
-
Senior Application Security Engineer
1 month ago
new york city, United States Emergent365 Full timeSenior Application Security Engineer*This position is highly technical. As a Senior Application Security Engineer, your role involves close collaboration with software development teams to ensure the safety of our customers during the development of innovative services. On any given day, your tasks may include code inspections to identify security issues,...
-
Senior Application Security Engineer
2 weeks ago
New York, United States Tbwa ChiatDay Inc Full timeHeadway’s mission is a big one – to build a new mental health care system everyone can access. We’ve built technology that helps people find great therapists with the first software-enabled national network of providers accepting insurance.1 in 4 people in the US have a treatable mental health condition, but the majority of providers don’t accept...
-
Application Security Engineer
4 days ago
New York, United States InterSources Full timeJob Title: Senior Application Security Engineer Work Location: New York, NY Duration: 12 months contractPosition Summary: Hours: THIS POSITION WILL ALLOW 35.00 - HOURS PER WEEKMANDATORY SKILLS/EXPERIENCE 12 years of experience in application security, with a proven track record of conducting vulnerability assessments, penetration testing, and secure code...
-
Senior Web Application Engineer
6 days ago
New York, New York, United States Walrus Security, Inc Full timeAbout Walrus Security, Inc.Walrus Security, Inc. is the industry leader in B2B payment verification, working with some of the most prominent names in venture capital and private equity.The B2B payments industry is projected to reach $1T+ in value, with digitization and faster settlement driving growth. However, this expansion also brings increased risk of...
-
New York, New York, United States Abnormal Security Full timeAbout the RoleWe are seeking an experienced Senior Enterprise Security Sales Representative to join our team at Abnormal Security. This is a unique opportunity to sell cutting-edge security solutions to State/Local Government & K-12 Education (SLED) accounts and drive revenue growth. As a key member of our sales team, you will work closely with internal...
-
Application Security Engineer
2 weeks ago
New York, United States Alloy Full timeAlloy is where you belong! Alloy solves the identity risk problem for companies that offer financial products by enabling them to outpace fraud and confidently serve more people around the world. Banks and Fintechs turn to Alloy to take control of fraud, credit, and compliance risk, and grow with the clearest picture of their customers. Through our values:...
-
Senior Application Security Engineer New
4 weeks ago
New York, United States Tbwa ChiatDay Inc Full timeHeadway’s mission is a big one – to build a new mental health care system everyone can access. We’ve built technology that helps people find great therapists with the first software-enabled national network of providers accepting insurance.1 in 4 people in the US have a treatable mental health condition, but the majority of providers don’t accept...
-
Senior Security Engineer
7 days ago
New York, United States Publicis Groupe Full timeTo perform of information security review of infrastructure products before they are rolled out into production, and to provide results of this review to Information Security Officers and support them in the remediation of any findings. Key Responsib Security Engineer, Security Officer, Security, Engineer, Senior, Project Management
-
Application Security Engineer
4 months ago
New York, United States Sirius XM Radio Inc Full timeWho We Are: SiriusXM and its brands (Pandora, SiriusXM Media, AdsWizz, Simplecast, and SiriusXM Connect) are leading a new era of audio entertainment and services by delivering the most compelling subscription and ad-supported audio entertainment experience for listeners -- in the car, at home, and anywhere on the go with connected devices. Our vision is to...
-
Senior Security Engineer
2 weeks ago
New York, United States HRUCKUS Full timeVeteran Firm Seeking Senior Security Engineer for an Onsite Role in New York, NYMy name is Stephen Hrutka. I lead a Veteran-owned consulting firm in Washington, DC, focused on strategic sourcing, supply chain management, and IT Staffing.We seek to fill a Senior Security Engineer role for the New York City Office of Technology and Innovation (NYC OTI). The...
-
Senior Security Engineer
2 weeks ago
New York, United States MDS (Micro-Data Systems) Full time*****NO C2C OR THIRD PARTY INQUIRIES*****Senior Security EngineerLocation: Hybrid - 2-3 Days per week Onsite in Brooklyn, NYTop skills/tools, etc. that are MUST haves:Core security with experience deploying / upgrading and migrating Palo Alto firewallsConsultative and team playerHigh level of experience with Panorama and log collectorsPalo Alto Next...
-
Cloud Security Engineer with UI Focus
5 days ago
New York, New York, United States Armis Security Full timeSecure the Future of Cyber Exposure ManagementAt Armis Security, we're revolutionizing the way organizations protect their attack surface and manage cyber risk exposure in real-time. As a Senior Full Stack Engineer on our team, you'll have the opportunity to make a significant impact in an important field while maintaining a healthy work-life balance.About...
-
New York, New York, United States Abnormal Security Full timeAbout the RoleAt Abnormal Security, we are seeking a highly experienced Senior Software Engineer to join our Inbound Email Products - Systems (IEPS) team. As a key member of this team, you will be responsible for designing and building critical components of our flagship Email Security product.
-
Chief Application Security Lead
2 days ago
New York, New York, United States Client Server Full timeAbout the RoleWe are seeking a Chief Application Security Lead to head up our Product Engineering division and provide expertise on secure coding practices ensuring that security is built into the fabric of our product.Job DescriptionIn this role, you will collaborate with senior stakeholders to prioritise requests, plan the roadmap and ensure the team can...
-
New York, United States Amazon.com Services LLC Full timeAs a member of the Application Security Testing Automation team, you will help provide automated security testing solutions for all of Amazon. Our team’s goal is to empower both development and security teams with accurate security detections at the highest standards of quality in order to identify and eliminate risk across Amazon’s application...
-
Senior Security Engineer
7 days ago
New York, United States Mizuho Bank Ltd Full timeJoin the Mizuho team as a Senior Security Engineer This role will be focused on and around the regular administration/maintenance of security tools including performing upgrades/troubleshooting and maintaining system documentation. They may be required to help write or shape policies/procedures/run books/processes, etc. They will be expected to maintain...
-
Senior Network Security Engineer
5 days ago
New York, United States APN Consulting Full timeAPN Consulting has an immediate need for a direct client requirement: Direct Client requirement Position: Senior Network Security Engineer Location: Jersey City, NJ 07302 (Hybrid - 2 days onsite) Type: Full Time/Permanent In this role you will be responsible for designing, implementing, and maintaining Client's Micro Segmentation platform and the...
-
Senior Software Engineer
4 weeks ago
New York, United States Abnormal Security Full timeJob DescriptionJob DescriptionJob Description for Job Posting About the RoleAbnormal Security is looking for a Senior Software Engineer to join the Detection Team. The Detection Division is focused on building the world's most advanced technology for identifying and stopping email and cloud-based attacks that were previously undetectable and help make...
