Senior Application Security Engineer
New
Canada - Remote; United States (East Coast Time Zone) - Remote; New York - Hybrid; Locations Supported: US, Canada (Toronto), Mexico., East Coast Time ZoneFull-TimeSenior
Salary not disclosed
Apply NowOpens the employer's application page
Job Details
- Required Skills
- GraphQLJavascriptTypeScriptCI/CDRESTful APIs
Requirements
- Experience across web/mobile application security and infrastructure/cloud security.
- Hands-on experience performing white-box, source code-assisted web and mobile application penetration testing.
- Ability to read, understand, and review source code, particularly JavaScript and TypeScript.
- Strong understanding of Threat Modelling principles and SDLC integration.
- Experience with web application firewalls and tuning rules.
- Experience embedding application security practices into CI/CD pipelines.
- Proven ability to communicate security findings to technical and non-technical audiences.
- Ability to operate effectively in a remote environment.
Responsibilities
- Conduct threat modelling reviews of Technical Design Documents (TDDs) for new and existing features.
- Perform and support application security assessments, including penetration testing and vulnerability assessments.
- Investigate, triage, and respond to Bug Bounty program submissions.
- Manage and tune Cloudflare WAF and related security controls.
- Partner with engineering teams to embed security best practices throughout the SDLC.
- Research and track emerging threats and vulnerabilities.
- Develop and deliver security guidance and training for engineering teams.
- Participate in and lead incident response activities.
View Full Description & ApplyYou'll be redirected to the employer's site
