Application Security Engineer

April 11

ONE

WebsiteLinkedInAll Job Openings

Helping people save and grow their money.

201 - 500

Description

• As an Application Security Engineer, you'll be responsible for ensuring that One delivers secure and reliable applications at scale. By partnering with engineers to build security into the product from the ground up, creating engineering tools and workflows that test and validate artifacts, and actively developing security frameworks, you’ll be the champion of modern Application Security Engineering at One and have a direct impact on the security of all of our products. You’ll provide subject-matter expertise to product teams regarding security best practices, optimize our secure coding practices, and use offensive security techniques to harden our environment and help improve our overall security practices.

Requirements

• 4+ years of experience in security engineering, DevSecOps, and application development. • Excellent knowledge of the CVSS, MITRE ATT&CK, and OWASP Top 10. • Proficiency in TypeScript. • Practical understanding of AWS and its core services (VPC, EC2, RDS). • Demonstrated experience in modern application architecture and deployment practices. • Experience with Library/API/Framework development. • Experience with integrating security scanning tools with CI/CD, Web Application pentesting, fuzzing and DAST. • Expertise in verifying and measuring common security vulnerabilities, and demonstrated ability to communicate these concepts to technical and non-technical partners. • Exposure to most of the following technologies: AWS, iOS, Android, Vault, Kubernetes, PKI, React, GraphQL, and Datadog. • Knowledge of cryptography including algorithms, standards, and their practical applications such as x.509 certificates. • Experience defining security architecture patterns and standards. • Proficiency in modern security evaluation tooling (Burp, Wireshark, Kali et al.) • Preferably, understanding of regulatory compliance concerns (GLBA, CCPA, PCI). • The Triple H Factor: Humble, Hungry and Honest.

Benefits

• Competitive cash • Benefits effective on day one • Early access to a high potential, high growth fintech • Generous stock option packages in an early-stage startup • Remote friendly (anywhere in the US) and office friendly - you pick the schedule