Sr. Security Engineer II (United Kingdom)

Who We Are

Addepar is a global technology and data company that helps investment professionals provide the most informed, precise guidance for their clients. Hundreds of thousands of users have trusted Addepar to empower smarter investment decisions and better advice over the last decade. With client presence in more than 40 countries, Addepar’s platform aggregates portfolio, market and client data for over $4.5 trillion in assets. Addepar’s open platform integrates with more than 100 software, data and services partners to deliver a complete solution for a wide range of firms and use cases. Addepar embraces a global flexible workforce model with offices in Silicon Valley, New York City, Salt Lake City, Chicago, London, Dublin, Edinburgh, Scotland and Pune, India.

*Marketplace and brokerage services provided by Acervus Securities, Inc., an SEC registered broker‑dealer and member FINRA / SIPC.

The Role

As the Application Security (AppSec) Lead at Addepar, you are essential to securing the Addepar platform throughout the Software Development Life Cycle (SDLC). You'll use your proven AppSec background to conduct assessments and manage automated security toolsets, ensuring they are current and effective in safeguarding our platform.

What You’ll Do

• Drive Addepar's AppSec approach, crafting our security-focused SDLC and encouraging awareness of security within the Engineering organization.
• Collaborate with engineering teams, guiding them in secure code development and design as well as advocating for early integration of security measures in the development process.
• Perform assessments at various SDLC stages, including threat modeling, design reviews, and secure code and PR reviews, while working closely with our Offensive Security lead for dynamic testing.
• Lead all aspects of automated AppSec scanning tools, including SAST, SCA, IAST, and secrets detection in SCM and collaborative development tools.

Who You Are

• Skilled in AppSec, capable of conducting assessments and leading security projects.
• A strong communicator and leader, able to convey complex security concepts to a diverse audience and cultivate collaboration. There's also an opportunity to build a Security Champions program!
• Experienced in project management, with a focus on aligning security initiatives with business objectives.
• Open to collaboration, ready to work closely with various departments to safeguard our platform.
• Proactive in seeking ways to improve security measures and stay ahead of potential threats.

Our Values 

• Act Like an Owner - Think and operate with intention, purpose and care. Own outcomes.
• Build Together - Collaborate to unlock the best solutions. Deliver lasting value. 
• Champion Our Clients - Exceed client expectations. Our clients’ success is our success. 
• Drive Innovation - Be bold and unconstrained in problem solving. Transform the industry. 
• Embrace Learning - Engage our community to broaden our perspective. Bring a growth mindset. 

In addition to our core values, Addepar is proud to be an equal opportunity employer. We seek to bring together diverse ideas, experiences, skill sets, perspectives, backgrounds and identities to drive innovative solutions. We commit to promoting a welcoming environment where inclusion and belonging are held as a shared responsibility.

To ensure the health and safety of all Addepeeps and our prospective candidates, we have instituted a virtual interview and onboarding experience.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

PHISHING SCAM WARNING: Addepar is among several companies recently made aware of a phishing scam involving con artists posing as hiring managers recruiting via email, text and social media. The imposters are creating misleading email accounts, conducting remote “interviews,” and making fake job offers in order to collect personal and financial information from unsuspecting individuals. Please be aware that no job offers will be made from Addepar without a formal interview process. Additionally, Addepar will not ask you to purchase equipment or supplies as part of your onboarding process. If you have any questions, please reach out to TAinfo@addepar.com.