Lead Application Security Engineer

Remote
Main Location
San Francisco, CA, United States
Open jobs

 

ABOUT THE ROLE

We're looking for a Lead Application Security Engineer to challenge our current processes, and drive security into the pipeline. We're a fast-growing company in the Enterprise Identity and Access Management and Single Sign-On (SSO) space. We believe in hiring talented individuals with a passion and drive to succeed!

ABOUT YOU

  • Develop secure coding & secure design principles
  • Train developers, architects, code reviewers, and others on secure coding practices
  • Serve as the subject matter expert for Application Security, providing guidance to Engineering and Product teams
  • Design and implement SDLC practices including code reviews, static/dynamic code analysis and vulnerability assessments
  • Constantly maintain awareness of all known vulnerabilities in application technologies used within OneLogin
  • Research any reported or suspected application vulnerabilities
  • Assist in developing security related libraries used in our environment

REQUIREMENTS

  • Bachelor's degree in computer science, management information systems, or related field
  • 8+ years of AppSec experience
  • Participate in Bug Bounty Programs / Security Research
  • Expert level understanding of modern web technologies, mobile, and web application security
  • Thorough understanding of OWASP Top 10 vulnerabilities and corresponding best practices for mitigation
  • Prior experience securing large-scale web applications, including performing security code reviews, vulnerability assessments, and manual testing for logic flaws
  • The ability to perform thorough threat modeling of web applications
  • The ability to effectively partner and communicate with Engineering and Product teams
  • Experience with BurpSuite Pro and dynamic application scanning tools

 

ABOUT ONELOGIN

OneLogin, the leader in Unified Access Management, connects people with technology through a simple and secure login, empowering organizations to access the world™. The OneLogin Unified Access Management (UAM) platform is the key to unlocking the apps, devices, and data that drive productivity and facilitate collaboration. OneLogin serves businesses and partners across a multitude of industries, with over 2,500 customers worldwide. We are headquartered in San Francisco, California. For more information, visit www.onelogin.comBlogFacebookTwitter, or LinkedIn.

 

Our core values

  • Security first - We make it our #1 priority to protect data and privacy. From the way we work to the technology we provide, security is top of mind
  • Customer focused - We design for, listen to and partner with customers to come up with smart solutions that drive business value
  • Collaborative - We take bold steps and work together to thrive across boundaries. We drive productivity as we grow as one team
  • Accountable - We get things done and take ownership in our work. Showcasing consistent quality and pride to perform at the highest levels
  • Creative - We embody creativity in everything we do. We embrace a diversity of ideas. We execute with ingenuity, flexibility, and agility




Help us maintain the quality of jobs posted on PowerToFly. Let us know if this job is closed.
Mission
We're a community of women leveraging our connections into top companies to help underrepresented women get the roles they've always deserved. Simultaneously, we work to build truly inclusive hiring processes and environments where women can thrive and not just survive.
Are you hiring? Join our platform for diversifiying your team