Senior Application Security Engineer

2 years ago

None

Back to all jobs

Headquarters: Birmingham, Alabama
URL: https://fleetio.com

Fleetio is looking for an expert Application Security Engineer, who is passionate about protecting data and has a deep understanding of different attack vectors.

You will work on continuously enhancing Fleetio’s application security. You will engage in both proactive and reactive measures to ensure our applications and services are secure. This is a new and hugely impactful role for Fleetio and our customers and has high growth potential.

This is a remote opportunity and is open to candidates in the United States, Canada, or Mexico.

About us

Fleetio is a modern software platform that helps thousands of organizations around the world manage their fleets. You can learn more about our platform here. Transportation technology is a hot market and we’re leading the charge, with raving fans and new customers signing up every day. We raised a $21M Series B in late 2020 and are on an exciting trajectory as a company. You can read more about it here.

More about Fleetio

Fleetio overview video: https://www.youtube.com/watch?v=IlvIbwZT3oU
Fleetio Go overview video: https://www.fleetio.com/go
More about the Fleetio platform: https://www.fleetio.com/features
API docs: developer.fleetio.com
Test drive Fleetio to get an even better feel for what we're building: https://www.fleetio.com/register

What you'll be doing

Perform periodic security assessments such as penetration tests and own resolving vulnerabilities
Provide security-focused feedback at different stages of Software Development Life Cycle
Review security alerts from dependencies, frameworks and manage such upgrades
Assist in creating a framework to centralize, review and act on security-related updates from third parties and partners
Monitor static analysis test results and ensure appropriate fixes are developed
Respond to security incidents and work with CTO and team to write post mortem reports
Help provide answers and expertise on security-related queries from internal team members and customers
Help drive adoption of secure development practices (via code reviews, team training, lunch and learns, etc.)

What's in it for you

Be a part of an incredible team of “A” players who go above and beyond to make Fleetio a successful company. You will help build secure software used by people all around the world. So many different types of companies and organizations operate a fleet each day, and Fleetio is a good fit for most of them (it’s a huge market).
Work remotely (within the United States, Canada, or Mexico), or at our Birmingham, AL HQ. Over 80% of our Engineering Team works remotely (including our CTO), and we have promoted a strong remote working culture since the beginning (2012).
We place great emphasis on work/life balance. We have families and hobbies and know you do, too.

Our team

Our Engineering and Product teams are structured as autonomous squads that execute within one focal area toward a defined product vision. We're hardcore believers in easy-to-use software, and our main goal as Product Engineers is to quickly and continuously deliver meaningful value to our customers. We've optimized our CI/CD tools and processes to easily get code into our production environments, resulting in an average of 40 deploys per week. See what our team has to say about how we work in their own words here. You can also learn about the interview process here.

Requirements

3+ years of experience as a Security Engineer
BS in Computer Science, Engineering, or equivalent real-world experience
Deep understanding of emerging vulnerabilities and industry-standard lists such as OWASP TOP 10, SANS
Knowledge of testing products/services across different platforms (web, mobile, API)
Familiarity with static and dynamic application security testing tools (SAST & DAST)
Continuous learner who stays on top of trending security concepts, breaches, and attack vectors
Service mindset with a strong passion for helping and teaching team members with varying degrees of expertise in security
Excellent verbal and written communication skills since you will be engaging in providing constructive feedback, generating awareness, and writing up summaries
Experience or understanding of authentication and authorization methods, open standards, and protocols (such as SAML, OAuth)
Be sure to mention "coffee" in your application so we know you read this