Application Security Engineer

San Francisco

Applications have closed

Asana

Work anytime, anywhere with Asana. Keep remote and distributed teams, and your entire organization, focused on their goals, projects, and tasks with Asana.

View company page

We are looking for a Software Engineer to grow our rapidly expanding Product Security team here at Asana. You will be working with the Security and Product teams to ensure our product is safe from vulnerabilities and help build and advise on the systems and frameworks we use to keep the product safe.

The Security team ensures that Asana's users and employees are safe from malicious activity and accidental disclosure. We build the systems and tools that enable the rest of Asana to develop secure software easily. We're focused on secure-by-default frameworks, least privilege access, detection and alerting, and eliminating bug classes.  

What you’ll achieve

  • Help shape our maturing Product Security program, focusing in the areas of identifying vulnerabilities and vulnerability classes in our product

  • Develop processes, code, or systems that mitigate and prevent vulnerabilities from being introduced in our product

  • Help us to collaborate with external researchers through our bounty program

  • Partner with product security and product engineering to ensure security best practices are created and upheld and build out support for security champions across the company.

  • Expand our detection and response to security events relating to our product, including building out detection capabilities and maturing our incident response capabilities

About you

  • You love hunting for bugs and vulnerabilities and keeping up with new tools and techniques in the field

  • You have experience with SaaS platforms and the risk landscape of web apps

  • Strong working knowledge of application security concepts and vulnerability mitigation

  • Experience with prioritizing risks based on probability and balancing business velocity

  • Solid programming skills - you can build out tooling to support your work and reason through code reviews

  • Not a stranger to implementing tooling, whether building or buying

  • Strong interest in working with variety of engineering and product teams as well as employees of all backgrounds

 

About us

At Asana, we're building a better way to work, fueled by transparency, inclusion, and technology that is a force for positive change. Asana is a work management platform that helps teams orchestrate their work, from daily tasks to strategic initiatives, so they can move faster and accomplish more with less. For the past 5 years, we've been named a top workplace, including top 10 Great Place to Work Best Small & Medium Workplaces, #1 Fortune Best Workplace in the Bay Area for four years in a row, #8 Fortune Best Workplaces for Women, #14 Glassdoor Best Place to Work, and one of Ireland's Best Workplaces. After spending more than a year physically distanced, we are safely and mindfully returning our global teams to in-person collaboration, incorporating flexibility that adds hybrid elements to our office-centric culture. With offices all over the world, we are always looking for curious, collaborative, and mission-driven people to help us enable the world’s teams to work together effortlessly.

 

We believe in supporting people to do their best work and thrive, and building a diverse, equitable, and inclusive company is core to our mission. Our goal is to ensure that Asana upholds an inclusive environment where all people feel that they are equally respected and valued, whether they are applying for an open position or working at the company. We welcome applicants of any educational background, gender identity and expression, sexual orientation, religion, ethnicity, age, citizenship, socioeconomic status, disability, and veteran status.

Tags: Application security Incident response Product security SaaS Vulnerabilities

Perks/benefits: Career development Team events Transparency

Region: North America
Country: United States
Job stats:  20  3  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.