Id.Me - Mountain View, CA
posted about 2 months ago
ID.me is seeking a talented Senior Application and Product Security Engineer IV to join our rapidly growing security team. This role is pivotal in advancing the digital identity ecosystem by planning, implementing, and upgrading security measures and controls. The successful candidate will be responsible for a variety of security testing methodologies, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), API security, and penetration testing. Additionally, the engineer will support an expanding bug bounty program, ensuring the end-to-end security of ID.me's applications and products. In this position, you will support the deployment of a robust application security testing tooling that aligns with the application lifecycle of ID.me products. You will maintain and improve the application security testing suite to reduce vulnerabilities introduced into the production environment. Your role will also involve participating in activities that integrate security controls throughout the Software Development Life Cycle (SDLC), reviewing designs of new applications and products, and conducting security testing efforts, including code reviews and black/white box testing. We are looking for someone who thrives in a fast-paced, ambiguous environment and has a passion for security. The ideal candidate will have a strong understanding of application and product architectures, scripting-based programming languages, and web application stacks, along with the ability to prioritize security efforts effectively. This role offers an exciting opportunity to contribute to a company that is committed to building a robust identity network while ensuring security and safety in its products.