Application Security Engineer

About Physna

Physna is changing the way software interacts with the physical world. Our industry-leading geometric deep learning technology bridges the gap between physical objects and digital code. Physna partners with large manufacturers and the Department of Defense to reduce risk in supply chain, manage obsolescence, reverse engineering, and identify alternative, more effective sources of supply. 

Thangs.com is a consumer SaaS product of Physna and the world’s first geometric search engine, 3D-native revision control tool, and 3D social platform. Thangs gives creators access to powerful search, collaboration and AI-powered predictive tools that have never been available before in the world of 3D data.

Physna is a Series B startup backed by Sequoia Capital, Tiger Global, Google Ventures, and Drive Capital. We are working on novel problems in a world experiencing rapid 3D adoption.

What You'll Do

This is an exciting time to join Physna and make a personal difference in a rapidly growing space as a Security Engineer on a lean team. Physna and Thangs are highly visible products that we must protect against damage to our internal information and our reputation. Your main priority at all times will be to help safeguard Physna's technology systems. This role plays a critical function to ensure we are continuously improving the security of our products and services. 

What We’ll Expect from You

• Bachelor’s degree in CE, CSE, or Math/Statistics
• 3+ years of application security engineering experience
• 5+ total years of experience in any of the following: threat modeling experience, application security risk assessment, secure coding, exploitation paths, secure identity management and authentication, and software development
• Thorough understanding of Google Cloud architecture, React, and Node.JS
• Experienced in security testing tools and techniques, such as vulnerability management and static and dynamic code analysis
• Knowledge of identifying key risk indicators is important
• Strong analytical skills with the ability to identify and mitigate security risks
• Experience securing CI/CD pipelines enabling strong security controls 
• Demonstrated ability to operate autonomously in a dynamic and evolving startup

Nice to Have

• Experience building and implementing authentication layers
• Experience building automation between tools and systems
• Experience performing analytics against aggregated log data
• Familiarity with enterprise security controls and security best practices 
• Familiarity with cloud security services, concepts, and best practices
• Strong familiarity with software development lifecycle (SDLC) processes and source control technologies, 
• Track record of getting things done quickly and with quality

Why You’ll Like Working for Us

We care about your physical, financial and mental well-being. We cover health, dental and vision insurance premiums at 100% for the family. We also make a meaningful contribution into employees’ Health Savings Account (HSA). We believe in competitive and fair compensation, offer a 401k, provide a generous holiday and PTO schedule, monthly WFH stipend, monthly well-being budget, unlimited virtual Mental Health therapy, as well as financial assistance for Alternative Medicine, Financial Wellness, Legal Services, Tax Support, and Caregiver Support.

We care about our culture. We believe in diversity, equity, inclusion & belonging. We believe in treating each other with kindness and respect. We are a culture of innovation, transparency, accountability, failing fast and learning quickly.