Senior Application Security Engineer
Remote, United States
Checkr
Checkr platform uses AI to make background screening more efficient, speed up the hiring process, fill roles faster & drive more revenue. ✓ Start for free!Checkr’s mission is to build a fairer future by designing technology to create opportunities for all. We believe all candidates, regardless of who they are, should have a fair chance to work. Established in 2014 and valued at $5B, Checkr is using technology to bring hiring to the next level. Our People Trust Platform uses machine learning to help thousands of companies modernize their background check process and make hiring safer, more efficient, and more inclusive. Some of our customers include Uber, Instacart, Doordash, Netflix, Compass Group, and Adecco.
A career with Checkr is an opportunity to work with some of the best and brightest minds, disrupt an industry for a better future, and give otherwise overlooked candidates access to employment. Checkr has been recognized in Forbes Best Startup Employers and is a top Y Combinator company by valuation.
We are looking for a Sr. Application Security Engineer to join our Security team and help us protect our applications (core API, customer facing dashboard, internal backend services) while empowering Product Engineering teams to move quickly. Given the scale and sensitive nature of the information that Checkr processes, security is core to our mission and you will have a key role in supporting those efforts.
What a typical week may look like at Checkr
- Help facilitate our bug bounty program, triage and drive resolutions
- Coordinate penetration tests and work on resolving security issues identified from it
- Conducting threat modeling, security design and architecture reviews on our new products and features
- Integrating security tools in the CI/CD pipelines aka “shifting security left”
- Educate engineers and business stakeholders about Security best practices
- Implement new application features focused on improving security
- Evaluate new technologies and processes that enhance security capabilities
- Participate in on-call rotation
What we value in an Application Security Engineer
- Application security background (3+ years) with a focus on providing practical technical guidance to engineering teams
- Solid understanding of web applications architecture and common vulnerabilities
- Good understanding of Ruby, JavaScript, Go, Python with proficiency in at least one
- Experience in analyzing systems and identifying security problems, threat modeling, code auditing, data security, and design and security reviews.
- Strong verbal and written communication skills along with investigative and analytical problem solving skills
- AWS experience and understanding of how cloud infrastructure works
- Familiarity with intrusion detection, monitoring and logging best practices
- Ability to correctly balance security risk and product advancement
Brownie Points:
- Diligence in documentation of vulnerability remediations
- Experience with offensive security
- Knowledge of common compliance frameworks such as ISO/IEC 27001, SOC 2, and NIST
What you get
- A fast-paced and collaborative environment
- Learning and development allowance
- Competitive compensation and opportunity for advancement
- 100% medical, dental, and vision coverage
- Up to 25K reimbursement for fertility, adoption, and parental planning services
- Flexible PTO policy
- Monthly wellness stipend, home office stipend
The base salary for this position will vary based on geography and other factors. In accordance with Colorado law, the base salary for this role if filled within Colorado is $133,663-$157,250.
Equal Employment Opportunities at Checkr
Checkr is committed to hiring talented and qualified individuals with diverse backgrounds for all of its tech, non-tech, and leadership roles. Checkr believes that the gathering and celebration of unique backgrounds, qualities, and cultures enriches the workplace.
Checkr also welcomes the opportunity to consider qualified applicants with prior arrest or conviction records. Checkr’s commitment to diversity extends to hiring talented individuals in spite of a prior criminal history in accordance with local, state, and/or federal laws, including the San Francisco’s Fair Chance Ordinance.
#LI-Remote
Tags: APIs Application security Audits AWS CI/CD Cloud Compliance Intrusion detection JavaScript Machine Learning Monitoring NIST Offensive security Python Ruby SOC SOC 2 Vulnerabilities
Perks/benefits: Career development Competitive pay Fertility benefits Flex vacation Gear Health care Home office stipend Startup environment Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Information Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open CEH-related jobs