Staff Application Security Engineer
3 days ago
SPAN is seeking a highly skilled and experienced individual to join our Security & Privacy team as a Staff Application Security Engineer. In this critical role, you will be instrumental in building and enhancing SPAN's application security program.
Responsibilities- Lead and execute application security assessments, including static application security testing (SAST), dynamic application security testing (DAST), code reviews, penetration testing, and security architecture reviews.
- Collaborate closely with development teams to integrate security best practices into the software development lifecycle (SDLC).
- Perform threat modeling on existing and upcoming feature sets in SPAN applications to ensure appropriate security controls are built from the ground up.
- Develop and enforce a robust Identity and Access Management posture.
- Design, implement, and maintain application security controls and solutions, leveraging hands-on coding experience.
- Automate application security controls using scripting to minimize human interaction and increase efficiency.
- Own the vulnerability assessment and patch triage process to support ongoing vulnerability and patch management at SPAN.
- Ensure compliance with regulatory requirements and industry standards including risk assessments and risk mitigation strategies for application security.
- Ensure that our production platform in AWS is hardened as per industry standards, such as CIS benchmarks.
- Deploy and manage Security Incident and Event Management (SIEM) solutions at SPAN.
- Participate in the evaluation, selection, and deployment of cutting-edge security tools and technologies.
- Stay current with the latest application security threats, vulnerabilities, and best practices. Continuously evaluate and improve application security processes and technologies.
- Bachelor's Degree in Computer Science, Information Assurance, Cyber Security, or related field of study.
- 7+ years of experience in a security engineering or operations role, with a focus on application security.
- Hands-on experience with one or more security tools such as Burp Suite, SonarQube, OWASP ZAP and Checkmarx.
- Strong knowledge of applied cryptography, TLS/SSL, web authentication protocols such as OAuth/SAML.
- Deep understanding of web application vulnerabilities and defenses.
- Proficient in scripting languages such as Python, Perl, PHP, or Ruby for task automation and data manipulation.
- Experience in developing threat models (e.g., STRIDE, DREAD).
- Hands-on experience with AWS Security best practices.
- Experience with vulnerability scanning tools like Qualys, Nessus, etc.
- Experience with SIEM tools like Splunk, Sumo Logic, etc.
- Certifications such as CISSP, CSSLP, or relevant industry certifications are a plus.
- Competitive compensation + equity grants at a well-funded, venture-backed company.
- Comprehensive benefits: 100% employee premiums for base plans on medical, dental, vision with options for additional coverage.
- Parental leave up to six (6) months depending on eligibility.
- Comfortable, sunny office space located near BART and Caltrain public transit.
- Strong focus on team building and company culture: Employee Resource Groups, monthly social events, SPANcakes recognition breakfast, lunch and learns.
- Flexible hours, one holiday per month and unlimited PTO.
-
Staff Application Security Engineer
1 month ago
San Francisco, United States Code Red Partners Full timeCode Red is Partnered with one of the most innovative companies in the world. They have raised $100M+ funding and are backed by leading investors like a16z. The CISO is ready to make the first core security team hires, with great impact and scope. What you’ll do:make a highly secure wallet for self-custodial crypto and identityenable third-party wallets to...
-
Staff Application Security Engineer
4 weeks ago
San Francisco, United States Code Red Partners Full timeCode Red is Partnered with one of the most innovative companies in the world. They have raised $100M+ funding and are backed by leading investors like a16z. The CISO is ready to make the first core security team hires, with great impact and scope. What you’ll do:make a highly secure wallet for self-custodial crypto and identityenable third-party wallets to...
-
Senior Application Security Engineer
5 days ago
San Francisco, California, United States Crusoe Full timeJob Title: Senior/Staff Application Security EngineerCrusoe Energy is seeking a highly skilled Senior/Staff Application Security Engineer to join our team. As a key member of our security team, you will be responsible for ensuring the security and integrity of our applications and digital infrastructure.About the Role:We are looking for a seasoned security...
-
Application Security Engineer
4 months ago
San Francisco, United States Stefanini North America and APAC Full time3+ years of experience in application security or related field.Strong understanding of application security principles, OWASP Top 10, and common attack vectors and experience with secure coding practices and security testing tools (SAST, DAST, IAST)Hands-on experience with security assessments, testing, and tools.Familiarity with various programming...
-
Senior Staff Engineer, Security
5 days ago
San Francisco, California, United States Foursquare Full timeAbout FoursquareFoursquare is a leading independent location technology and data cloud platform dedicated to building meaningful bridges between digital spaces and physical places.Our proprietary technology unlocks the most accurate, trustworthy location data in the world, empowering businesses to answer key questions, uncover hidden insights, improve...
-
Staff Software Engineer
4 days ago
Market St #, San Francisco, CA , USA, United States Airbnb Full timeAbout the RoleAirbnb is seeking a Staff Software Engineer to join our Site Reliability Engineering team. As a Staff Software Engineer in SRE, you will be responsible for developing and maintaining the tools and systems that enable our engineering teams to operate our services reliably and at scale.Key ResponsibilitiesDesign, implement, and maintain the tools...
-
Senior Application Security Engineer
3 weeks ago
San Francisco, California, United States Bridge Technologies and Solutions Full timeJob SummaryWe are seeking a highly skilled and experienced Application Security Engineer to join our team at Bridge Technologies and Solutions. As a key member of our security team, you will be responsible for ensuring the security and integrity of our applications and systems.Key ResponsibilitiesApplication Security ExpertiseDevelop and maintain a deep...
-
Senior Application Software Engineer
3 days ago
Market St #, San Francisco, CA , USA, United States Adobe Systems Full timeJob Title: Senior Application Software EngineerWe are seeking a highly skilled Senior Application Software Engineer to join our team at Adobe Systems. As a key member of our software development team, you will be responsible for designing, implementing, and deploying cutting-edge software solutions for our creative professionals.About the Role:Work...
-
Staff Security Engineer
2 weeks ago
San Francisco, CA, United States Stars Group Full timeAs our Staff Cloud Security Engineer, you will be responsible for the security assessment of infrastructure/cloud. Implementing and managing security controls for cloud services which includes Secure configuration management for all Cloud native services, setting up processes and guidelines. The Goal is to build Seamless Security. We want you to redefine how...
-
Sr. Staff Application Security Engineer
2 weeks ago
Mountain View, CA, United States Aurora Innovation Full timeAurora hires talented people with diverse backgrounds who are ready to help build a transportation ecosystem that will make our roads safer, get crucial goods where they need to go, and make mobility more efficient and accessible for all. Aurora's Product Security team's mission is to discover, mitigate, and prevent security risks in the software, hardware,...
-
Lead Application Security Engineer
4 days ago
South San Francisco, California, United States Zipline Full timeAbout ZiplineZipline is a leading company in the logistics industry, revolutionizing the way critical and lifesaving medicine is delivered to hospitals around the world. Our mission is to provide instant access to vital medical supplies for every human on Earth.About the RoleWe are seeking a highly skilled and experienced Application Security Engineer to...
-
Senior Staff Software Security Engineer
3 weeks ago
San Francisco, California, United States Databricks Inc. Full timeAbout the RoleWe are seeking a highly experienced Senior Staff Software Security Engineer to join our team at Databricks Inc. As a key member of our security engineering team, you will play a critical role in ensuring the security and integrity of our data and AI infrastructure platform.Key ResponsibilitiesDesign and implement secure systems and...
-
Senior Staff Software Engineer
3 weeks ago
San Francisco, California, United States Databricks Inc. Full timeAbout the RoleWe are seeking a seasoned Senior Staff Software Engineer to lead our Data Security efforts at Databricks Inc. As a key member of our Trust & Safety team, you will be responsible for creating and executing the vision for our security engineering discipline.Key ResponsibilitiesSecurity Engineering Leadership: Develop and implement a comprehensive...
-
Cloud Security Reliability Engineer
4 days ago
San Francisco, California, United States Abnormal Security Full timeAbout the RoleAbnormal Security is a leading provider of cloud-based cybersecurity products, trusted by enterprises of all sizes to stop cybercrime. As we continue to grow and expand our offerings, we need a skilled Site Reliability Engineer II to help us build tools and processes for releasing software and ensuring reliability and availability in heavily...
-
Application Security Specialist
2 weeks ago
San Francisco, California, United States Anthropic Limited Full timeAbout the Role:At Anthropic Limited, we're pushing the boundaries of AI research to create a safer and more transparent future. As an Application Security Engineer, you'll play a critical role in safeguarding our model weights and infrastructure as we scale new capabilities. You'll work closely with software engineers to institute controls around access,...
-
San Francisco, California, United States CloudFlare Full timeAbout CloudflareCloudflare is a leading technology company that aims to build a better Internet. Our global network powers trillions of requests per month, protecting and accelerating any Internet application online without adding hardware, installing software, or changing a line of code.We are a diverse and inclusive team that values curiosity, empathy, and...
-
Staff Machine Learning Engineer
1 day ago
Market St #, San Francisco, CA , USA, United States Rippling Full timeAbout RipplingRippling is a unified workforce platform that connects all business systems to one source of truth for employee data. By automating manual work, businesses can streamline processes and improve efficiency.The RoleWe are seeking a highly skilled and experienced Staff+ Machine Learning Engineer to join our team. As an engineer working on large...
-
Senior Application Security Engineer
4 weeks ago
San Francisco, California, United States Worldcoin Full timeAbout the OpportunityWe are seeking a highly skilled Senior Application Security Engineer to join our team at Worldcoin. As a key member of our security team, you will play a critical role in ensuring the security and integrity of our applications.Key Responsibilities:Perform security-focused code reviews and own the vulnerability management processSupport...
-
Staff Product Security Engineer
3 weeks ago
San Francisco, California, United States Aurora Innovation Full timeAbout the RoleAurora Innovation is seeking a highly skilled Product Security Specialist to join our team. As a key member of our Product Security team, you will play a critical role in ensuring the security and integrity of our autonomous vehicle platform.Key ResponsibilitiesSecure Design Reviews and Threat Modeling: Perform secure design reviews and threat...
-
Cloud Security Architect
4 days ago
Market St #, San Francisco, CA , USA, United States IPG Mediabrands Full timeJob Title: Cloud Security ArchitectIPG Mediabrands is seeking a highly skilled Cloud Security Architect to design and implement secure cloud environments. The ideal candidate will have expertise in cloud security technologies and a strong understanding of cloud platforms such as AWS or Google Cloud.Responsibilities:Design and implement security architectures...