Application Security Engineer

Airtable - San Francisco, CA

posted 3 months ago

Full-time - Mid Level
San Francisco, CA
Personal and Laundry Services

About the position

Airtable is on a mission to empower individuals to create software effortlessly, ensuring that users can do so with confidence in the safety of their data. Security is a fundamental aspect of our operations, integrated into product design, feature development, architecture, operations, and customer support. We are in the process of building a world-class cybersecurity team and are looking for innovative minds to tackle the challenges faced by the internet community. The Application Security Engineer will play a crucial role in driving and implementing technical strategies, innovative tooling, research, and processes to enhance our application security posture. This position requires collaboration with cross-functional teams to define and execute cutting-edge AppSec strategies, ultimately contributing to the establishment of a best-in-class AppSec program. The role will require the individual to be present in our San Francisco office 2-3 times per week.

Responsibilities

  • Drive security into design and development through performing application security reviews, architecture and design reviews, threat modeling, including code reviews and application security testing.
  • Partner and collaborate with development teams to support application vulnerability remediation efforts.
  • Develop automated security testing to validate secure coding best practices.
  • Perform application security testing to identify vulnerabilities in the core platform and services.
  • Support Airtable's bug bounty program.
  • Support and consult with product and development teams in the area of application security.
  • Promote security awareness through developing and delivering security training.
  • Improve security frameworks, tools, processes and methodologies.

Requirements

  • 3+ years of experience in application security or related field.
  • Experience with OWASP best practices, SAST, DAST, and other common security tools.
  • Strong understanding and experience with common web application security flaws, security controls, and common security libraries.
  • Experience identifying security issues in applications through code review, threat modeling, pen testing, manually and with tools.
  • Development experience and skills, preferably with TypeScript and Node.JS.
  • Basic understanding of network and web related protocols (such as TCP/IP, UDP, HTTP, HTTPS, protocols).
  • Strong interpersonal skills and experience working with developers to promote secure SDLC.
  • Be a subject matter expert (SME) of at least 1 technical area impacting the security of the product.

Benefits

  • Comprehensive benefits package including health insurance, dental insurance, and vision insurance.
  • Opportunity to receive restricted stock units and incentive compensation.
  • Flexible work environment with the possibility of remote work options.
  • Professional development opportunities and training programs.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service