Application Security Engineer
Remote - US; Remote - Canada; Remote - Ireland
Dropbox
Dropbox helps you simplify your workflow. So you can spend more time in your flow.Role Description
As part of the Application Security team, you’ll be working to reduce risk across Dropbox. We partner with engineering and product teams during each point of the software development lifecycle (SDLC) and help drive broader security initiatives across Dropbox. Application Security Engineers provide security impact by developing secure-by-default libraries and frameworks that teams across Dropbox can frictionlessly integrate into their products. They also offer their expertise on security matters through cross-team consultations that cover design and threat modeling, as well as through documentation and educational initiatives.Responsibilities
- Act as a subject matter expert on application security domains involving web, mobile, and desktop platforms
- Conduct security consultations on new and existing products, and be able to communicate complicated issues to non-technical audiences
- Improve upon and further integrate the Secure Development Lifecycle (SDLC) into product design and engineering efforts
- Empower secure-by-default development by shipping libraries and frameworks that address classes of vulnerabilities at scale
- Assist with code reviews to proactively identify potential vulnerabilities, and follow-up with tooling to prevent future vulnerabilities
Requirements
- 2+ years experience in application security engineering
- Strong communication skills and relationship building skills
- Experience in architecting and building application security on modern tech stacks across multiple platforms (web, mobile, desktop)
- Experience in building and scaling the Secure Development Lifecycle
- Experience with threat modeling and handling vulnerability reports
- Experience partnering with cross-functional engineering and product teams
- Be able to demonstrate software development experience
Total Rewards
At Dropbox, we strive to be a great place for all Dropboxers to grow and be recognized for that growth. This job posting reflects broad requirements, and represents two potential levels of role. Through our assessment process, we will identify your level that ties to compensation based on your experience and technical expertise along with the scope of the role. Our Engineering Career Framework is viewable by anyone outside the company and describes what’s expected for our engineers at each of our career levels. Check out our blog post on this topic and more here.
For candidates hired in Colorado, the expected salary/On-Target Earnings (OTE) range for the role is $125,800 - $148,000 - $170,200 if you are assessed at the IC2 level. If you are instead assessed at the IC3 level, the expected salary/On-Target Earnings (OTE) range for the role is $149,600 - $176,000 - $202,400. This salary/OTE range represents the low, middle, and high end of the salary or OTE (Sales roles) range for this position, and is subject to change. To determine a Dropboxer’s starting pay we carefully consider a variety of factors, including primary work location and an evaluation of a candidate’s skills, experience, market demands, and internal parity. This position may be considered a promotional opportunity. Salary/OTE is just one component of Dropbox’s total rewards package. All regular employees are also eligible for the corporate bonus program or a sales incentive (target included in OTE) as well as stock in the form of Restricted Stock Units (RSUs). Dropbox is committed to investing in the holistic health and wellbeing of all Dropboxers and their families. Our benefits and perks programs include, but are not limited to:- Competitive medical, dental and vision coverage
- (US Only) Competitive 401(k) Plan with a generous company match and immediate vesting
- Flexible Time Off/Paid Time Off, paid holidays, 11 Company-wide PTO days, Volunteer time off and more
- Protection Plans including; Life Insurance, Disability Insurance and Travel benefit plans
- Perks Allowance to be used on what matters most to you, whether that’s wellness, learning and development, food & groceries, and much more
- Parental benefits including; Parental Leave, Child and Adult Care, Day Care FSA (US Only), Fertility Benefits (US Only), Adoption and Surrogacy support and Lactation Support
- Mental Health and Wellness benefits
- Free Dropbox space for your friends and family
Tags: Application security SDLC Vulnerabilities
Perks/benefits: 401(k) matching Career development Competitive pay Fertility benefits Flex hours Flex vacation Health care Insurance Medical leave Parental leave Startup environment Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open EDR-related jobs