Key skills
CloudJavaScriptPythonRustGoC++CSalesforce
About this role
Role Overview
- Drive SSDLC adoption for custom application logic in enterprise systems.
- Validate and triage external security reports, including bug bounty submissions.
- Perform threat modeling to identify potential attack paths and define appropriate mitigations.
- Advise development teams on secure coding practices to reduce and prevent vulnerabilities.
- Perform vulnerability testing and analysis of applications and guide teams on effective remediation.
- Conduct security assessments of internally developed software components.
- Contribute to the development, improvement, and implementation of SSDLC processes.
- Lead post-mortem reviews of application security incidents and vulnerabilities.
- Act as an application security advisor to engineers, including training on secure development practices.
Requirements
- Strong understanding of security models for Web/REST APIs, cloud, mobile, and desktop applications.
- Hands-on experience with security assessment tools and attack techniques; able to perform assessments beyond simple input injection.
- Experience performing code assessments in Go, Python, Rust, C/C++, and JavaScript.
- Basic programming skills in Go, Python, or similar languages are helpful.
- Knowledge of Salesforce security features and controls.
- 5+ years of experience in Application Security.
Tech Stack
- Cloud
- JavaScript
- Python
- Rust
- Go
Benefits
- Remote working options
- Professional development opportunities