Senior Application Security Engineer

September 13

Apply Now

Receive Emails with Similar Jobs

GlossGenius

WebsiteLinkedInAll Job Openings

SaaS • Beauty • Wellness

GlossGenius is a comprehensive software solution designed for salons and spas to streamline their business operations and enhance client experiences. It offers an all-in-one platform with features for online booking, payments, client management, marketing, inventory management, and team management. With a focus on user-friendliness and customization, GlossGenius helps salon and spa owners increase revenue and improve customer satisfaction through powerful marketing tools, automated appointment reminders, and seamless transaction processing. Trusted by numerous beauty and wellness professionals, GlossGenius aims to make business management easier and more efficient, from scheduling to checkout.

51 - 200 employees

☁️ SaaS

💄 Beauty

🧘 Wellness

📋 Description

• Design Review: Youll act as the initial security point of contact for engineering and product teams. You will conduct security-focused architectural reviews and threat modeling to identify and address vulnerabilities, working directly with development teams to find and fix issues. • Policy & Process Adjustments: You will contribute to the development of our security policies and standards. This includes creating secure coding guidelines, building automated tools to prevent common security issues, and collaborating with development teams to embed security into CI/CD pipelines. • Vulnerability Management: Own our end-to-end vulnerability management program. This includes deploying scanning tools across our engineering organization, triaging security vulnerabilities, and supporting the ongoing development of the program's tools and processes to prevent common security issues. • Vendor Evaluation: Help improve our security program by evaluating new security vendors. This includes running evaluations, coordinating demos, piloting tools internally, and making recommendations on which solutions best fit our needs.

🎯 Requirements

• 5+ years of experience in application or product security roles, preferably in high-growth, cloud-native environments • Strong ability to collaborate effectively with software development teams • Experience performing architecture reviews/threat models for custom software • Excellent communication skills, both written and verbal, with the ability to clearly explain complex topics. • Familiarity with common security libraries and tools, such as static analysis and penetration testing tools. • Understanding of common security vulnerabilities and mitigation strategies (e.g., OWASP Top 10). • Basic development or scripting skills. • Fundamental knowledge of network and web protocols (e.g., TCP/IP,HTTP, HTTPS). • Willingness to participate in on-call rotations as needed. • A proactive approach to managing projects from start to finish with a focus on outcomes.

🏖️ Benefits

• Flexible PTO • Competitive health & dental insurance options, with premiums covered by GG • Generous, fully-paid parental leave policy • Retirement Savings Plan • Professional Development - employees receive a yearly stipend for approved learning and educational-related expenses • Home office support • Team Bonding opportunities - as a distributed team, being able to build meaningful bonds both virtually and in person is incredibly important to us! We are constantly evaluating how we accomplish this and currently, teams are given opportunities to gather in person throughout the year