Listing Description
About This Role
The Application Security Engineer will be responsible for ensuring the security and privacy of Aptible's software applications. This role requires a combination of technical skills and an understanding of current security threats and best practices. The ideal candidate should have a passion for security and experience in software development.
Responsibilities:
- Design, implement, and maintain security controls for software applications
- Conduct security assessments and vulnerability scans
- Investigate and respond to security incidents
- Stay up-to-date with the latest security threats and trends
- Collaborate with software development teams
- Ensure compliance with security standards and regulations
- Provide guidance and training on secure coding practices
- Perform security-focused code reviews
- Support and consult with product and development teams on application security
- Assist in reproducing, triaging, and addressing application security vulnerabilities
- Support the bug bounty program
- Lead both critical and regular security releases
- Develop automated security testing to validate secure coding practices
Requirements:
- A strong understanding of web application security and common security protocols
- Understanding of network and web-related protocols
- Experience with SAST and DAST security scanning tools
- Familiarity with programming languages like Ruby, Python, and Go
- Experience identifying security issues through code review
- Ability to explain common security flaws and ways to address them
- Basic development or scripting experience
- Familiarity with common security libraries and tools
- Strong understanding and experience with common security libraries and controls
- Subject matter expertise in at least one technical area impacting the product's security
- Excellent communication and collaboration skills
- Strong analytical and problem-solving skills
- Ability to work well with software development teams
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided