Application Security Engineer
San Francisco
Asana
Work anytime, anywhere with Asana. Keep remote and distributed teams, and your entire organization, focused on their goals, projects, and tasks with Asana.We are looking for a Software Engineer to grow our rapidly expanding Product Security team here at Asana. You will be working with the Security and Product teams to ensure our product is safe from vulnerabilities and help build and advise on the systems and frameworks we use to keep the product safe.
The Security team ensures that Asana's users and employees are safe from malicious activity and accidental disclosure. We build the systems and tools that enable the rest of Asana to develop secure software easily. We're focused on secure-by-default frameworks, least privilege access, detection and alerting, and eliminating bug classes.
What you’ll achieve
-
Help shape our maturing Product Security program, focusing in the areas of identifying vulnerabilities and vulnerability classes in our product
-
Develop processes, code, or systems that mitigate and prevent vulnerabilities from being introduced in our product
-
Help us to collaborate with external researchers through our bounty program
-
Partner with product security and product engineering to ensure security best practices are created and upheld and build out support for security champions across the company.
-
Expand our detection and response to security events relating to our product, including building out detection capabilities and maturing our incident response capabilities
About you
-
You love hunting for bugs and vulnerabilities and keeping up with new tools and techniques in the field
-
You have experience with SaaS platforms and the risk landscape of web apps
-
Strong working knowledge of application security concepts and vulnerability mitigation
-
Experience with prioritizing risks based on probability and balancing business velocity
-
Solid programming skills - you can build out tooling to support your work and reason through code reviews
-
Not a stranger to implementing tooling, whether building or buying
-
Strong interest in working with variety of engineering and product teams as well as employees of all backgrounds
About us
At Asana, we're building a better way to work, fueled by transparency, inclusion, and technology that is a force for positive change. Asana is a work management platform that helps teams orchestrate their work, from daily tasks to strategic initiatives, so they can move faster and accomplish more with less. For the past 5 years, we've been named a top workplace, including top 10 Great Place to Work Best Small & Medium Workplaces, #1 Fortune Best Workplace in the Bay Area for four years in a row, #8 Fortune Best Workplaces for Women, #14 Glassdoor Best Place to Work, and one of Ireland's Best Workplaces. After spending more than a year physically distanced, we are safely and mindfully returning our global teams to in-person collaboration, incorporating flexibility that adds hybrid elements to our office-centric culture. With offices all over the world, we are always looking for curious, collaborative, and mission-driven people to help us enable the world’s teams to work together effortlessly.
We believe in supporting people to do their best work and thrive, and building a diverse, equitable, and inclusive company is core to our mission. Our goal is to ensure that Asana upholds an inclusive environment where all people feel that they are equally respected and valued, whether they are applying for an open position or working at the company. We welcome applicants of any educational background, gender identity and expression, sexual orientation, religion, ethnicity, age, citizenship, socioeconomic status, disability, and veteran status.
Tags: Application security Incident response Product security SaaS Vulnerabilities
Perks/benefits: Career development Team events Transparency
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Chief Information Security Officer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open CI/CD-related jobs