Staff Application Security Engineer
Remote
Full Time Senior-level / Expert USD 175K - 195K
Assured
Assured provides P&C carriers with solutions to digitally ingest, service, and process claims.Assured is on a mission to modernize insurance. Claims processing (i.e. should we pay this claim?), while often overlooked, is the foundation of the entire industry. It’s currently highly manual, involving phone calls, faxes, and gut instinct—costing tens of billions of dollars a year. We can do better.
At Assured, we provide large insurers with the software solutions they need to win in a modern, technology-driven world. From self-service claim filing software to backend fraud detection, we’re the engine that powers claims processing for some of the largest insurers in the world.
The challenges we face are deep and diverse—from creating digital experiences that provide comfort and clarity to claimants at their most stressed and vulnerable to orchestrating large-scale ML-driven decision-making on billions of dollars of claims payments, life at Assured is dynamic, collaborative, and rewarding.
We are looking for a Staff Application Security Engineer to join our growing team.
You will…
🥊 Lead Red Team operations and penetration test campaigns, providing expert-level insight into process, procedure, and post-mortem
💡 Develop a clear understanding of vulnerabilities and drive efforts to remediate findings
🔒 Lead in developing automated security testing to validate that secure coding best practices are being used
🫡 Provide expert guidance and direction for other team members when they encounter challenges in their security reviews
📝 Own documentation and procedures surrounding application security reviews and lead by example for what successful application security reviews look like
⚖️ Drive initiatives that scale application security and holistically address multiple vulnerabilities
🤝 Guide and advise development teams as an SME in the area of application security
🪲 Develop, support, and evolve the bug bounty program. Take initiative and drive changes in the bug bounty program
𝌚 Lead both critical and regular security releases within our applications
🧪 Lead application security reviews and threat modeling, including code review and dynamic testing
👮 Scale application security by developing automated security testing or centralized security libraries that scale directly with developers and enable them to easily write secure code
🚃 Develop security training and socialize the material with internal development teams. Have significant ownership in and evangelize security training with development teams
You have…
🚨 Strong expert understanding and experience with common security libraries, security controls, and common security flaws
🐍 Strong development or scripting experience and skills. You’re able to significantly and effectively contribute to product security. Typescript, Python, and Terraform are preferred
👯♂️ Strong experience working closely with developers
👨💻 DevSecOps experience
🗣️ Familiarity and ability to explain security flaws and ways to address them (e.g. OWASP Top 10)
🎙️ Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics clearly and concisely. Demonstrated expert in documentation
📀 Strong understanding of the Software as a Service (SaaS) model
🛜 Expert understanding of internet security issues, application security technologies, cloud architectures, and threat landscape concepts
😎 Experience leading efforts or managing application security teams working in the DevOps model
☁️ Hands-on experience architecting, automating, maintaining, and securing Cloud Computing Platforms. AWS experience is a must
Benefits:
🤑 Competitive salary and equity packages (75%tile)
🏥 Health Care Plan (Platinum Medical, Dental, & Vision)
🌧 Life Insurance (No cost to you)
🏄 Paid Time Off (Uncapped vacation days & paid holidays)
👶 Family Leave (Maternity, Paternity)
📈 401(k) contribution (Assured contributes 3% of your income even if you don't contribute)
👪 Health and Dependent Care FSAs (Pre-tax flexible spending accounts for out-of-pocket expenses)
We are an equal-opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
Tags: Application security AWS Cloud DevOps DevSecOps OWASP Product security Python Red team SaaS Scripting Terraform TypeScript Vulnerabilities
Perks/benefits: Competitive pay Equity Flex hours Flex vacation Health care Insurance Medical leave Parental leave
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs