ZipRecruiter is looking for an experienced and knowledgeable Senior Application Security Engineer to join our efforts in securing our production data and systems. This is a hands-on engineering role where you'll collaborate with the ZipRecruiter engineering team to identify and remediate security vulnerabilities, provide security guidance and best practices, and be an advocate for an overall culture of security.
* Conducting in-depth security reviews of applications, production, and business integrations * Researching emerging products, services, and standards in support of security enhancement and development efforts * Performing penetration testing on web and mobile applications * Helping oversee bug bounty program and work with independent security researchers as needed * Working closely with ZipRecruiter's development team to advocate for secure coding best practices * Implementing and tuning tools for detection of malicious activity * Analyzing the results of security alerts to provide support and appropriately prioritize remediation according to risk * Helping with incidence response
* In-depth knowledge of web application security, authentication protocols and cryptography * Experience with AWS security * Strong software engineering skills in a Linux environment (preferably Perl and/or Python) * Experience in performing penetration tests * Experience building and delivering projects from start to finish * Passion for collaboration and strong interpersonal skills
Benefits & Perks:
* A fun environment where work-life balance is valued * Opportunities for advancement as our young startup grows * Very competitive salary * Generous bonus plan * Employer-matched 401(k) plan * Competitive benefits package * Healthy snacks * Local gym discount * Attractive paid time off policy - Open/Flexible vacation policy
ZipRecruiter is an equal opportunity employer (M/F/D/V). All applicants must be authorized to work in the U.S. This organization uses E-Verify.
ZipRecruiter is an online job board that streamlines the hiring process through an interface of screening and tracking applicants.