Application Security Engineer II - Mexico

Mexico City, Mexico City, Mexico - Remote

Applications have closed

About Resilia

Resilia is a fast-growing, venture-backed, mission-driven SaaS startup powering a digital transformation in the nonprofit sector. Our mission is to strengthen nonprofit capacity and help grantors scale impact through data-driven technology solutions. Resilia’s three SaaS-based products help nonprofits achieve tax-exempt status and build capacity in pursuit of becoming high-performing organizations, while enabling corporations and foundations to support nonprofits beyond grant awards. As a company, Resilia was named 2022 Best Tech Startup in New Orleans, Rising Star on the 2020 Forbes Cloud 100 list, and to VentureBeat's Companies to Watch list. Sevetri Wilson, Resilia’s Founder and CEO, has been recognized in Inc Magazine's 100 Women Building America's Most Innovative Companies and Pitchbook's top Black Tech Leaders list. The company recently closed a historic Series B raise: the $35 million round will fuel growth and impact for the company’s 15,000+ nonprofit users, and marks the largest single VC raise ever by a solo Black female-founded tech company. For more information visit resilia.com.

This is a remote role that may require occasional travel, including to Resilia's New York and New Orleans offices for collaborative opportunities such as team retreats and gatherings. This role is expected to work either Eastern or Central hours.

About the Role

As an Application Security Engineer, you will improve the security of our web applications through threat hunting, vulnerability identification, and remediation guidance. You will work with other professionals across our Product, Engineering, and Design functions in the pursuit of this goal.

You will be a trusted partner across our multifunctional product pods as you bring the application security perspective to conversations and projects. There is an ever-growing breadth of knowledge in the application security space, and it can be a daunting task for product pods to keep up with everything, filter out the irrelevant or non-applicable information, and make effective decisions that promote security. You will help to bridge those gaps by providing actionable insights throughout the software development lifecycle and coaching development teams on secure development best practices.

You will be an advocate and ally for our customers and their data as you uncover risk in our web applications. As such, your role will have a crucial impact on our nonprofits by ensuring the ongoing safety of their tenancy within our web applications.

This role reports to the Lead Security & Infrastructure Engineer and joins a small but growing security team; it will be an early contributor to the company’s security strategies.

What You Will Do

  • Identify and describe threats and vulnerabilities to our web applications
  • Verify bug bounty reports
  • Work with Engineers across multiple, independent product pods to deliver and test appropriate controls

Qualifications

  • At least 1 year of experience in a web application security or development role
  • Working knowledge of OWASP Top Ten Web Vulnerabilities
  • Experience with static application security testing (SAST)
  • Experience with at least one dynamic application security testing (DAST) tool
  • Working knowledge of standard web application security controls (CSP, TLS, Cookie hygiene)
  • Working knowledge of standard web application authentication and authorization mechanisms (OAuth 2.0, OIDC, SAML, FIDO2)
  • Experience with at least one programming language - web application development is a nice-to-have
  • Experience in security for SaaS applications is a nice-to-have

About You

  • Well-developed communication skills, ability to explain complex problems, and to share and visualize findings with stakeholders in product, marketing, revenue operations, and senior leadership teams
  • Action-oriented, entrepreneurial, flexible and comfortable with ambiguity and managing priorities
  • Passion, humility, humor, integrity, positive attitude, mission-driven and self-directed
  • Committed to supporting a diverse, inclusive, and collaborative work environment

Compensation & Benefits

Why Resilia? Resilia powers the people changing the world.

Resilia is an inclusive and welcoming workplace where our team thrives on collaboration, creativity, innovation, and fun. We are proud to offer a competitive salary commensurate with experience and excellent benefits including unlimited PTO, medical, dental, vision and life insurance, a 401k program, mental health support, a healthcare advocate, short-term disability, and commuter benefits, with potential for an equity stake in a fast-growing company.

Resilia is an Equal Opportunity Employer and does not discriminate on the basis of an individual's sex, age, race, color, creed, national origin, alienage, religion, marital status, pregnancy, sexual orientation or affectional preference, gender identity and expression, disability, genetic trait or predisposition, carrier status, citizenship, veteran or military status and other personal characteristics protected by law. All applications will receive consideration for employment without regard to legally protected characteristics.

Market Opportunity

Every year, foundations and corporations award nearly $100 billion in grant deployments in the US alone. Such deployments play a major role in addressing some of society’s biggest challenges, spanning social justice, pandemic response, environmental protection and everything in between. Yet the impact of this funding remains loosely captured, or at worst, untraceable. Additionally, 60 percent of nonprofit professionals say they don’t use data to make decisions and more than one-third of nonprofits say they’re incapable of gathering data on the impact of their programs. Resilia aims to close the funding deployment-impact tracking loop and empower nonprofits with data and capacity building, through a combination of technology, analytics, and human capital.

Resilia’s Formation platform empowers brand-new nonprofits to achieve tax-exempt status while enabling annual compliance. Our Nonprofit platform provides capacity building support in fundraising, board management, program management and the collection of data. Finally, our Funder program enables funders to strengthen their grantees through on-demand technical assistance while helping them capture and communicate stories of impact.

With a first-to-market solution and a team of builders with extensive startup, nonprofit, and corporate experiences, Resilia is democratizing technology to solve some of the social good sector’s biggest legacy challenges, while re-defining the notion of technology for good.




Tags: Analytics Application security Cloud Compliance DAST Nonprofit OWASP SaaS SAML SAST TLS Vulnerabilities

Perks/benefits: Career development Competitive pay Equity Flex hours Flex vacation Health care Insurance Startup environment Team events Unlimited paid time off

Regions: Remote/Anywhere North America
Country: Mexico