Senior Security Engineer II, Application Security

🕒 Maio 22

☕ Washington – Remoto

☕ Washington – Remote

💵 $175.000 - $245.000 / ano

⏰ Tempo Integral

🟠 Sênior

👮‍♂️ Cibersegurança / Engenheiro de Segurança

🦅 Patrocina Visto H1B

Esta empresa já patrocinou vistos H1B no passado.

Candidatar-se

Encontrar Vagas Remotas Similares

Receber Emails de Vagas Remotas

📊 Verifique sua pontuação de currículo para esta vaga

Melhore suas chances de conseguir uma entrevista verificando sua pontuação de currículo antes de se candidatar.

Enviar Currículo

Smartsheet

SiteLinkedInTodas as Vagas

1001 - 5000 funcionários

Fundada em 2005

☁️ SaaS

⚡ Produtividade

🤝 B2B

SaaS • Productivity • B2B

Smartsheet é uma plataforma projetada para gerenciar projetos, automatizar fluxos de trabalho e construir soluções em larga escala. Ela oferece uma ampla gama de recursos, incluindo automação, colaboração em equipe, painéis e relatórios, e integrações, permitindo que as empresas otimizem suas operações. A plataforma atende a diversos casos de uso, como gestão de projetos, gestão de portfólio de TI, gestão de marketing e mais, servindo a várias indústrias, incluindo governo, finanças e saúde. Smartsheet também enfatiza a segurança e proteção de dados, garantindo a privacidade dos dados dos usuários. Além disso, oferece serviços profissionais como consultoria, treinamento e suporte à implementação para maximizar as capacidades da plataforma.

Descrição

• Conduct security reviews and threat modeling of AI-integrated product features • Own end-to-end security assessments for high-risk features and services • Operate and evolve the security scanning controls embedded in Smartsheet's GitLab pipelines • Serve as the expert validation layer for Smartsheet's bug bounty program

🎯 Requisitos

• 8+ years in application security, with a track record of owning complex, multi-capability work in a product security or AppSec engineering role. • Fluent in one or more modern languages (Java, Python, TypeScript/JavaScript, Go, Ruby, or equivalent); you identify security-relevant patterns without relying on tooling and write automation that others adopt. • Hands-on experience securing AI-integrated applications (LLM systems, agentic workflows, model APIs) and demonstrated experience deploying AI and automation to scale security functions or extend team reach. You bring both skill sets. • Threat modeling, architecture review, and code review for complex SaaS features; you produce findings engineering teams can act on and carry enough technical credibility to influence design decisions, not just document them. • Independent, hands-on validation of complex, multi-step authenticated vulnerabilities; you confirm what scanners flag and find what they miss. • Operator, active researcher, or both; direct experience with triage, severity calibration, and researcher communication. • Working knowledge of SAST, SCA, secrets, and IaC scanning in modern pipelines, with experience engaging teams on findings and improving signal quality. • Working knowledge of AWS, GCP, or Azure sufficient to tie application-layer risk to the infrastructure it runs on; you understand where the application ends and the cloud begins. • Legally eligible to work in the U.S. on an ongoing basis • BS or MS in Computer Science, a related field, or equivalent industry experience

🏖️ Benefícios

• Employer subsidized medical/vision and dental coverage for full-time employees • 401k Match to help you save for your future (50% of your contribution up to the first 6% of your eligible pay) • Monthly stipend to support your work and productivity • Flexible Time Away Program, plus Sick Time Off • US employees are automatically covered under Smartsheet-sponsored life insurance, short-term, and long-term disability plans • US employees receive 12 paid holidays per year • Up to 24 weeks of Parental Leave • Personal paid Volunteer Day to support our community • Opportunities for professional growth and development including access to Udemy online courses • Company Funded Perks, including a counseling membership, local retail discounts, and your own personal Smartsheet account • Teleworking options from any registered location in the U.S. (role specific)