Senior Security Engineer, Application Security
Fremont, California, United States
Applications have closed
Pony.ai
Leading global autonomous driving technology company Pony.ai, Inc. (“Pony.ai”) is pursuing an ambitious vision for autonomous mobility. We aim to bring safe, sustainable, and accessible mobility to the entire world.Self-driving is a very challenging area. Your ideas and wisdom will promote the progress of this industry. You will be deeply involved in the security improvement and compliance of pony.ai products or services. Our work will focus on product security vulnerability analysis.
You must be a self-starter who thrives in a fast-paced, agile environment – which means wearing many hats, being able to change direction quickly, and showing an eagerness to learn and introduce new technologies as the need arises. Accordingly, you will have more access to security technologies in different areas. It will give you rich experience and different work experience.
What you’ll be doing:
- Perform reviews ranging from architectural design to threat modeling and source code level assessments, providing actionable recommendations to make our products more secure
- Collaborate closely with engineering on security focused code reviews and implementation of security best practices in essential systems
- Write and use tools to help identify application security flaws and provide fixes or work with engineering teams to see issues are remediated
- Be capable or prioritizing security efforts as well as help teams understand prioritization of performing security mitigation work
Requirements
What you must have:
- A broad and practical understanding of security fundamentals and their application
- Extensive experience in the application security space; securing complex interconnected web applications and their architectures using Golang, Python and/or Node.js
- 4+ years of direct experience in information security, ideally with a focus on application security
- A documented history of finding high impact vulnerabilities or participating in the creation of tools to do the same
- A track record of developing projects from design to implementation and maintenance
- Experience using a variety of static and dynamic security tools
- An interest in building creative solutions to challenging security problems with a focus on mentorship and scaling the team’s impact
- Have good communication skills and teamwork skills, Chinese communication skills required.
Bonus Points:
- Contributions to the security community (open source, white papers, talks, etc)
- Doing well at large CTF events
- Experience with static analysis
- Experience fuzzing applications and protocols
- Experience with building automation for security testing
- Experience with embedded security
- Experience with mobile security
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Application security Automation Compliance CTF Golang Mobile security Node.js Open Source Product security Python Vulnerabilities
Perks/benefits: Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs