Application Security Engineer Justworks
New York, NY

Job Description

Why you would love working with us

At Justworks, you'll enjoy a welcoming and casual environment, great benefits, diversity + inclusion and wellness program offerings, company retreats, and the ability to interact with and learn from leaders in the startup community. We work hard and care about our most prized asset - our people.

We're helping businesses get off the ground by enabling them to focus on running their business. We solve HR issues. We're data driven and never stop iterating. If you'd like to work in a supportive, entrepreneurial environment, are interested in building something meaningful and having fun while doing it, we'd love to hear from you.

The job

Justworks is seeking an experienced Application Security (AppSec) Engineer to join our Security team, focused on application security and continuously enhancing our security posture as the threat landscape evolves. As a successful candidate, you have demonstrated knowledge of secure coding practices and conducting code reviews. You have deep understanding of the fundamental of computing and development/coding with Ruby on Rails, JavaScript and/or other languages. The candidate should also have experience in *Nix environment and the use of common cybersecurity tools.

What you'll do

* Collaborate with cross functional teams to create security requirements and deliver security risk assessments.
* Conduct manual code reviews, penetration security testing, automated security testing.
* Deliver education on secure coding practices to product engineering teams.
* Coordinate internal and external penetration testing. Validate and triage issues with engineering teams for remediation.
* Implement safeguards and countermeasures
* Coordinate threat modeling exercises and follows steps to remediate identified issues/gaps
* Enhance our testing, monitoring and continuous deployment infrastructure
* Keep extremely sensitive data compartmentalized and secure
* Detect and respond to security events and incidents

Who you are

* Minimum of 5 years of professional hands-on application security experience
* Experience designing, developing and improving access control and other core security functionality
* Strong fundamental knowledge of secure coding practices
* Strong understanding of application security architecture and ability to articulate best practices for application security
* Experience conducting manual code reviews and penetration security testing
* Experience evaluating, deploying, and managing application security tools
* Current security certifications like GCIH GWEB, CEH, OSCP, CISSP and others are nice to have but not required

Diversity at Justworks

Justworks' vision is for all identities, backgrounds and expressions to be represented in the workplace. We're building the foundation for long-term success and intend to cultivate a safe, collaborative and inclusive space and company culture.

We're proud to be an equal opportunity employer open to all qualified applicants regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, Veteran status, or any other legally protected status.