Application Security Engineer

Boston

Full Time
Drift logo
Drift
Apply now Apply later

Posted 3 weeks ago

About Drift:

Drift is the Conversational Marketing platform that combines chat, email, video, and automation to remove the friction from business buying. With Drift, you can start conversations with future customers now, on their terms -- not days later. There are over 50,000 businesses that use Drift today to generate more revenue, shrink sales cycles, and make buying easy. Our mission is to use conversations to make business buying frictionless, more enjoyable, and more human.

About the Role & Team:

Drift is seeking an Application Security Engineer to help design, build, deploy and maintain secure products. We are ingraining security into the core of how we build our product from inception and design to deployment in the cloud and are seeking the right individual to.

This high visibility role will work closely with Product and Engineering teams performing core application security practices like threat modeling, design review, secure code reviews, and security testing while continuously improving our SDLC.

What you’ll be doing on the Security team at Drift:

  • Drive activities like application security training, requirements & standards, threat modeling, static & dynamic security testing and so on, into Drift’s development processes
  • Identify, prioritize and promote security practices that create the most impact in reducing overall security risk of the application
  • Provide application security guidance and oversight across Security, Engineering & Product teams
  • Provide hands-on remediation guidance to development teams
  • Influence the design and implementation of upcoming products and services with security and privacy by design mindset
  • Take a risk-based approach, to prioritize remediation of security findings
  • Develop and report metrics measuring the state of application security program
  • Understand existing SDLC and identify how to improve and streamline it
  • Take ownership of our Bug Bounty program, interface with researchers, and work with development teams to remediate findings

About you and what type of skills you’ll need:

  • BA/BS in Computer Science or a closely-related degree
  • 3+ years of relevant industry experience
  • Strong knowledge of secure design practices such as Threat modeling and common software vulnerabilities such as CWE top 25 and OWASP Top 10.
  • Development experience in one or more of these technologies: Java (Jersey), Elixir (Phoenix), JavaScript (React), AWS, Kubernetes
  • Experience as an application security practitioner in an Agile environment
  • Experience with various development, debugging and application security tools
  • Experience working with distributed teams and other cross-functional stakeholders
  • Proactive, organized, analytical, detail-oriented and persistent

Drift is committed to being an equal opportunity employer

We know that applying for a new job can be intimidating. But guess what? At Drift, there is no such thing as a “ideal candidate.” We believe in the power of teamwork -- and in the desire to learn something new every day. We believe in hiring people, not just skills. Take it from our CEO

If this sounds like a company you would like to join and a role you would thrive in, please don’t hold back from applying! Whatever skills you bring to the table or background you’re coming from, we welcome you to start a conversation with us. We need your unique perspective for our continued innovation and success. We’re looking forward to learning more about you!

Drift is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at disabilities@drift.com 

 

Job tags: Automation AWS Java JavaScript Vulnerabilities