Work with a nimble passionate security team, collaborating with development and product.
Conduct vulnerability triage: handle internal and external vulnerability reports, and more importantly: go beyond investigating and write fixes yourself.
Review code and help make decisions about secure coding decisions.
Review new product features to ensure they are designed with security in mind
Collaborate with other developers and teams for long term security success.
Code solutions for preventative measures and generating alerts.
Use your detective work to get to the AH-HA! moment when you find and replicate the root cause of an issue and figure out how to fix it.
You will care and be involved in our product, mission, and success
way beyond checking off tasks.
Requirements
5+ years of experience in web application security
Strong experience with code review, security reviews, security architecture, pentesting, and bug bounty programs
Experience working in full-stack projects
Experience with discovering and fixing common web security vulnerabilities
Experience using web application pentesting tools (e.g. Burp Suite)
Basic understanding of networking concepts (DNS, TCP/IP, VPNs)
Able to explain complex ideas either verbally or in writing to a mixture of audiences
Knowledge and understanding of the OWASP Top 10
Experience creating security automations with GitHub Actions or other methods
Tech Stack
DNS
TCP/IP
Benefits
Remote work with regular in-person bonding experiences sponsored by the company
Competitive compensation
Holistic perks program (including free therapy, employee wellness, and more)
Excellent health, dental, and vision coverage
401k benefits with employer matching contribution
The chance to build something that changes lives – and that people love
Any piece of hardware or software that will make you happy and productive