Senior Application Security Engineer
Remote
Applications have closed
- Remote-first
- Website
- @FingerprintJs 𝕏
- GitHub
- Search
FingerprintJS
The Fingerprint device intelligence platform works across web and mobile applications to identify all visitors with 99.5% accuracy — even if they’re anonymous.Fingerprint empowers developers to stop online fraud at the source.
We work on turning radical new ideas in the fraud detection space into reality. Our products are developer-focused and our clients range from solo developers to publicly traded companies. We are a globally dispersed, 100% remote company with a strong open-source focus. Our flagship open source project is Fingerprint (18K stars on GitHub).
We have raised $44M and are backed by Craft Ventures (previously invested in Tesla, Facebook, Airbnb), Nexus VP (previously invested in Postman, Hasura) and Uncorrelated Ventures (previously invested in Redis, Rollbar & Gradle).
As a Senior Application Security Engineer, you will work closely with the engineering teams and play a pivotal role in ensuring that security is integrated at every stage of the software development lifecycle.
Responsibilities
- You will provide guidance to engineers on secure coding practices, participate in coding reviews to identify any potential security vulnerabilities, and advise on remediation strategies
- Conduct security reviews to evaluate applications for potential vulnerabilities
- Own threat modeling - Understand the application’s architecture, identifying potential attack vectors and devising strategies to mitigate these threats
- Integrate security tools and processes into the DevOps pipeline
- Assist in response and recovery in the event of a security incident or breach
- Raise awareness about application security within the organization.
Requirements
- 5+ years of experience as an Application Security Engineer
- Proficiency in multiple programming languages with an understanding of the intricacies and potential security flaws
- Experience with cloud technologies
- Knowledge of secure coding practices
- Proficiency with security tools and technologies - static/dynamic analysis tools, penetration testing tools, knowledge of firewalls, intrusion detection systems and encryption.
- Excellent communication and collaboration skills.
- Must be able to articulate complex security concepts to engineers and other stakeholders in a simple, understandable way.
- Ability to write clear and concise security reports and presenting findings to both technical and non-technical audiences
- Ability to work effectively as a team with engineers, respect different perspectives and collaborate towards a common goal with business priorities in mind
- Problem solving and critical thinking skills
- Deep understanding of the problem space and a systematic approach to problem solving is a must.
- Ability to critically evaluate the security of a system, assess the impact of potential vulnerabilities and consequences of different security decisions
Nice to have:
- Bachelor's degree in Computer Science, Engineering, or a related technical field
- Familiarity with application security frameworks and standards like NIST, CIS, CSA ,etc
- Experience in a fast paced startup environment
- Golang experience
- Experience with AWS technologies
Compensation Range:$150,000 - 220,000
For cash compensation, we set standard ranges for all US based roles based on function, level and geographic location, benchmarked against similar stage growth companies. In order to be compliant with local legislation, as well as to provide greater transparency to candidates, we share salary ranges on all job postings regardless of desired hiring location. Final offer amounts are determined by multiple factors including geographic location as well as candidate experience and expertise, and may vary from the amounts listed above.
Offers vary depending on, but not limited to, relevant experience, education, certifications/licenses, skills, training, and market conditions.
Due to regulatory and security reasons, there’s a small number of countries where we cannot have Fingerprint teammates based. Additionally, because Fingerprint is an all-remote company and people can join our workforce from almost any country, we DO NOT sponsor visas. Fingerprint teammates need to be authorized to work from their home location.
We are dedicated to creating an inclusive work environment for everyone. We embrace and celebrate the unique experiences, perspectives and cultural backgrounds that each employee brings to our workplace. Fingerprint strives to foster an environment where our employees feel respected, valued and empowered, and our team members are at the forefront in helping us promote and sustain an inclusive workplace. We highly encourage people from underrepresented groups in tech to apply.
If you are applying as a resident of California, please read our CCPA notice here
If you are applying as a resident of the EU, please read our GDPR notice here
Tags: Application security AWS CCPA Cloud Computer Science DevOps Encryption Firewalls GDPR GitHub Golang Intrusion detection NIST Open Source Pentesting PostMan Redis SDLC Vulnerabilities
Perks/benefits: Startup environment Transparency
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.