An established internet-facing tech company is seeking an experienced Senior Application Security Engineer to lead their application security program in San Francisco.
The successful incumbent will come from software engineering with 5-7 years of experience in application security, OWASP top 10, and Python, ideally in a medium-to-large internet company. She or he should have a proven track record successfully working with engineering teams regarding product security.
- 5+ yrs in Application Security
- 3+ yrs as a Developer
- Strong knowledge of UNIX operating systems, command line usage, and system administration
- Proven ability to guide engineering teams through infosec design
- Advanced programming abilities in Python or similar programming language
- Advanced knowledge of the AWS environment and underlying security model
- Mastery of security principles including confidentiality and integrity of data, authentication and authorization protocols, and other cryptographic protocols
- Deep understanding of network attacks, DDoS, Phishing, email protocols/security/spam, encryption, authentication, logging and log analysis, IP and device reputation, and security rules and policies
- Bachelor or Masters Degree in Computer Science or comparable field
- Django open-source framework
- Microservice architectures
- Compliance (SOC2, PCI-DSS, ISO 27001, etc)
This position is a full-time, permanent position with competitive pay and “startup” perks. Local candidates strongly preferred.