Key skills
JavaScriptTypeScriptPythonGoTerraformCDNLeadershipWAF
About this role
Shipt is a retail tech company that connects people to reliable, high-quality delivery with a personal touch. As a Staff Engineer on the Application Security team, you will lead secure practices, design and implement security controls, and mentor team members to ensure the safety of applications and user data.
Responsibilities:
- Lead and drive secure practices across Shipt
- Be responsible for development practices across our engineering organization
- Build software systems to make secure development easier
- Design, implement, and scale security controls and processes that protect Shipt’s users
- Empower Shipt developers
- Ensure the safety of our applications and protect user data
- Operate at a high level of technical proficiency
- Provide technical leadership
- Mentor other team members
- Influence security culture at all levels of the company
- Collaborate with cross-disciplinary teams
- Contribute to the protection of customers and shoppers nationwide
Requirements:
- You have extensive software engineering experience with focus on developer tooling or infrastructure
- 5+ years programming skills in Go, Python, and/or JavaScript/TypeScript
- Experience with WAF
- You have familiarity with containerization concepts and tools
- You have experience working and deploying with cloud platforms
- You have experience building APIs, automation tools, and developer-facing services
- You have experience with Infrastructure as Code tools, such as Terraform
- You have strong system design and architecture skills
- You have experience translating business requirements into practical development solutions
- You have led the design, implementation, and validation of secure coding practices, application security controls, and integration of security platforms
- You have an understanding of tools and techniques leveraged to breach networks, server systems, cloud workloads or applications
- Bachelor's Degree or equivalent experience
- You have a CISSP, OSWE, CSSLP, GWAPT, GWEB, OSCP, CompTIA Security+ certification
- You have familiarity with open-source software and dependency management
- You have experience managing, configuring and troubleshooting CDN & WAF technologies