GuidePoint Security
As an Application Security Engineer, you will work with tools like Burp Suite Pro and Invicti to identify and remediate vulnerabilities, integrate security tools into CI/CD pipelines, and collaborate with teams to enhance application security practices. You'll need strong technical skills in secure development lifecycles and excellent communication abilities.
Binance
Application Security Engineer at Binance: Collaborate on mobile security, blockchain security, and AI tools
Binance
Mobile Application Security Engineer - Penetration Test at Binance: design, develop & maintain mobile apps with security functionality.
Gusto, Inc.
Security Engineering role at Gusto, designing safe features with safety & privacy in mind, building security tools & services, 12+ yrs info sec exp reqd.
ExtraHop
Senior Product Security Engineer with experience in modern software development practices and securing web applications, APIs, and software systems.
GuidePoint Security
Assist in delivering Application Security services at GuidePoint Security by performing DevSecOps assessments, architecture reviews, threat modeling, and designing secure pipelines. Contribute to client engagements, deliver comprehensive reports, and strengthen application security capabilities while staying updated with industry trends and tools.
Gitlab
Enhance security posture by developing features for GitLab's products like Dependency Scanning and Container Scanning. Collaborate with cross-functional teams to maintain high quality in a fast-paced environment. Enjoy remote work and comprehensive benefits including equity compensation and home office support.
Gitlab
Enhance GitLab's security capabilities by researching vulnerabilities, developing proofs of concept, curating databases, and improving detection products. Collaborate with teams to build secure solutions.
Gitlab
Enhance GitLab's security detection capabilities by conducting vulnerability research, improving SAST/DAST tools, curating advisory databases, and collaborating on product development in an all-remote environment.
Wealthsimple
Join Wealthsimple as an Application Security Engineer and help secure our applications with your expertise in tooling, architecture, and offensive security testing. Collaborate with teams to mitigate risks and enhance security practices while enjoying top-tier benefits and a supportive remote-first culture.
WorkOS
Join WorkOS as a Security Engineer to enhance our security infrastructure, ensuring the safety of authentication and identity solutions for thousands of SaaS customers. Lead security projects, mentor teams, and implement best practices using tools like SCA, SAST, DAST, and CNAPP.
Wealthfront
Join Wealthfront's Security Engineering team as a security-minded engineer to build and mature security solutions in a fast-growing fintech organization.
Udacity
Provide world-class technical support to students in their Nanodegree journey by leading weekly virtual sessions, responding to questions, and ensuring progress. Utilize expertise in Python, SQL, Big Data, Hadoop, and other relevant areas while fostering a supportive learning environment.
CoinsPaid
Join CoinsPaid as Security Infrastructure Engineer and enhance secure development practices with logging systems, Hashicorp Vault, and DevSecOps tools.
GuidePoint Security
Security Engineer for medium to very large environments with expertise in firewalls, IDS/IPS solutions, malware prevention, routing & switching architectures, cloud edge security, and more.
Curai
Lead Security Engineer at Curai Health: Drive security initiatives, implement frameworks like ISO 27001/2 and NIST CSF, ensure HIPAA/SOC-2 compliance. Collaborate with engineering teams to maintain secure infrastructure in a remote-first environment.
Gradient AI
Staff Security Engineer at Gradient AI: Manage overall security posture, lead risk assessments, cloud security, and implement best practices.
Phantom
Join Phantom as a Security Engineer and contribute to the development of a secure self-custodial wallet for the crypto ecosystem.
Scribd
Senior Security Engineer at Scribd: Configure and integrate security tooling, analyze security findings, and perform incident response.
Binance
Security Operation Engineer (SOC) at Binance: Handle 7x24 hour security incidents, lead team to enhance security perception, and collaborate with world-class talent.
GuidePoint Security
We are seeking an Application Security Engineer with 2-3 years of experience in application security. The role involves running client SAST/DAST/SCA tools, reviewing outputs, providing recommendations, and implementing integrations into pipelines and ticketing systems. You should have a strong understanding of IDEs and CI/CD processes, knowledge of secure development lifecycles, experience remediating vulnerabilities, deep knowledge of manual testing tools like Burp Suite Pro, and familiarity with application security tools such as Invicti or Checkmarx. Experience integrating tools into development pipelines is required. You should understand a broad range of application security issues and their mitigation strategies, have experience reviewing source code in various languages, excellent written and verbal communication skills, a personal drive for growth, and preferably a bachelor's degree in Computer Science or Information Security with industry certifications.
Roles and Responsibilities: • Run client SAST/DAST/SCA tools, review outputs and provide recommendations • Implement integrations for tools into pipelines, ticketing systems, etc.
Experience Requirements: • 2-3 years experience working in Application Security • Understanding of Integrated Development Environment (IDE) and Continuous integration / Continuous Delivery (CI/CD) Pipeline tools and processes (e.g. Azuer Dev Ops, Jenkins, Bamboo, etc.) • Strong working knowledge of Secure Development Lifecycles and experience remediating technical vulnerabilities identified by web application scanning tools, Information Systems architecture, security control design, and development experience
• Deep knowledge of manual testing tools such as Burp Suite Pro • Knowledge of and experience with SAST/DAST/SCA Application Security tools. Invicti (DAST) or Checkmarx (SAST/SCA) experience highly preferred • Experience with the integration of tools into development pipelines • Understanding of a broad range of Application Security issues as well as their mitigation strategies • Understanding of Application Security related vulnerabilities • Experience with reviewing source code written in JavaScript, Python, Java, C++, PHP, or C# a plus • Written communication skills for written interactions with clients • Strong communication skills that include the ability to clearly articulate thoughts and distill complex problems into digestible pieces of information • Personal drive and passion to not only continue growing yourself but also the Application Security Engineering practice • Bachelor's degree in Computer Science or Information Security preferred • Standard industry certifications are preferred
