Senior Application Security Engineer

Your RoleMissionThe Senior Application Security Engineer will work with product and engineering to create a secure SDLC, design security features and implement tools, education and processes to reduce risk of security issues in the tech stack.Responsibilities- Select or build tooling to help developers build secure code- Provide overall security architectural advice to Engineering and IT- Manage issues sourced from penetration tests and bug bounty programs- Participate in the security champions program- Help Product, Engineering and IT incorporate security requirements into new products from inception- Assist in the creation and maintenance of Security Risk Models for new projects and existing systemsSkills & Competencies- 5+ Years of Web Application Security experience- Strong experience with vulnerability management, or penetration testing is required.- Extensive experience in conducting Architectural Reviews and Threat Models frequently is required.- Strong knowledge of common AppSec issues and tooling (e.g. SCA, SAST, DAST)- Strong software development skills, can do coding and read code.- Strong Communication and Influencing skills- Should have worked in SaaS environment.- Should have extensive knowledge of Open Redirect, OAuth, and CSRF.- Strong Linux knowledge is a plus.- Experience with cloud services, ideally GCP is a plus.- Certifications : OSCP / OSWE / CEH : At least 1 Certification is a plusLI-JM1