Senior Application Security Engineer
Redwood City, CA

Job Description

At AnchorFree, our mission is to provide secure access to the world's information for every person on the planet. AnchorFree has grown into a service with millions of users in nearly 200 countries. Our flagship products, Hotspot Shield and Betternet, regularly top the App Store charts in Productivity and enables millions of users to securely and privately access the Internet every day. Last year, AnchorFree closed a $295 million investment led by WndrCo and Accel Partners, with further development plans for Hotspot Shield and other products in our suite.

We are seeking an Senior Application Security Engineer to join our engineering team. Come help us build the world's next generation Internet Freedom and Privacy platforms!

The ideal candidate will have at least 5 years of programming and at least 2 years of relevant experience in the application security engineering space. Majority of the programming experience should have been gained on the Linux server side.

Responsibilities:

* Perform deep-dive security reviews of AnchorFree products.
* Plan, build and deploy scripts to help catch vulnerabilities automatically.
* Assist engineering teams in feature design, threat modeling, and security-critical code review.
* Coordinate with external vendors providing 3rd party security reviews.

Qualifications and skills required:

* A minimum of a bachelor's degree, ideally in the field of technical computer science or technical IT security or IT security management
* Ability to communicate technical security concepts to diverse audiences, both verbally and in writing.
* Deep understanding of threat modeling approaches (STRIDE/ DREAD), their benefits and drawbacks
* Expertise using and managing static and dynamic application security testing tools
* Working knowledge of at least 3 of C, C++, GoLang, PHP along with a minimum of 5 years of experience in any 3 of the languages above.
* Handson experience with any 2 scripting languages such as Perl, Python, Bash
* In-depth knowledge of security specific protocols (SSH/TLS/DNSSEC, etc.), and network protocols (DNS, IP, TCP/UDP).
* Deep understanding of network security concepts.
* Experience applying static and/or dynamic analysis in application testing.
* Ability to evaluate cryptography choice and implementation.
* Passion for automating application security testing and the strengths/weaknesses of test automation.

Plus:

* Understanding of Application Security best practices along with all of the above is a plus.
* Experience writing secure web applications in addition to all of the above is a plus.

AnchorFree Compensation and Benefits:

* Competitive salary
* Excellent employee stock option plan
* Relocation assistance available
* $175 per month electric car incentives
* Free food and drinks
* Foosball, Gym and showers, Pool table, Table Tennis
* FREE Medical, Dental and Vision
* 401k
* Commuter Benefits
* Free Shuttle from San Francisco,CA
* Dog friendly office

Learn more:

Website

Hotspot Shield

Facebook

Twitter

Blog