Senior Security Engineer, Application Security

5+ years of career experience in IT or Engineering with a security focus. Strong experience with bug bounty programs, vulnerability research, validation, remediation or pentesting. Experience with internal tool development and engineering enablement. Strong foundational understanding of software development principles, comfortable reading and writing code. Works well in a team environment with positive communications amongst a variety of technical and non-technical stakeholders. Comfortable owning and setting technical direction for small to medium sized initiatives. Adaptable and resilient, thriving in fast-paced environments with shifting priorities. Bonus: Experience with Rust and/or Golang, or ability to pick up new languages. Bonus: Experience with popular compliance standards and certifications (e.g. SOC2, ISO, PCI). Bonus: Experience building or maintaining vulnerability management programs in medium to large sized organizations.

Design, build, integrate and scale new security solutions for vulnerability management. Develop and maintain tools to correlate, enrich, and prioritize vulnerability findings. Develop and maintain dashboards and reporting metrics for the vulnerability management program. Conduct analysis to inform security development teams on eliminating vulnerability classes. Partner with product and development teams on triage workflows, validation, and remediation. Contribute to the design of risk-scoring and SLA models. Mentor other engineers and shape the vulnerability management strategy.