Application Security Engineer
We’re looking for our first dedicated application security engineer! ReadMe takes the safety and security of our customers’ data very seriously, and we need someone willing to jump into the hot seat and help ensure every bit and byte stays exactly where it should be.
This position will work directly alongside ReadMe’s engineering team, helping to define best practices, catching potential issues before release, and creating a rock-solid approach to the storage and transfer of critical data. There’s a lot of ground to cover, and there will be ample opportunity to grow and explore other aspects of security along the way!
We're a small team of humans (and one owl) working together to do big things, and we’re growing fast! That’s where you come in. Since we’re a startup, you’ll make a big impact on ReadMe both in the daily responsibilities of your role and beyond.
🦉 What we do
ReadMe helps companies build beautiful, personalized, and interactive developer hubs. If you’ve ever visited the developer docs for Intercom, Airbnb, or Notion, you’ve used ReadMe! We love what we do because it’s so much more than just docs. We’re providing tools for teams to create and manage beautiful documentation with ease. Our Engineers are especially excited to see the impact their work can have, because they care deeply about developer experience.
You can read more about what it’s like to work at ReadMe on our careers page, or our Key Values page. We've written on our blog in the past about how we interview, and feel free to browse our other blog posts as well if it strikes your fancy!
✅ What you’ll do here
Perform security-focused code reviews and work as a partner with the development team to remediate concerns.
Lead by example by going hands-on in our codebase to help close security gaps.
Consult with the development team on secure approaches to product design and technical architecture.
Perform audits on existing software and data architecture to identify potential risks.
Support our bug bounty program in the verification of reports, classification of severities, and follow-ups for remediation.
Build automations that make working in a secure way easy and frictionless.
Provide security reviews of new and existing vendors.
Drive initiatives to ensure adherence with security and data compliance programs.
Assist in defining company-wide security policies and practices.
💙 You’ll love this job if you are…
Passionate about the safety and security of customer data.
Intrigued by the challenge of applying zero trust security in a maturing organization.
A strong prioritizer, knowing that each baby step leads us to a more secure future.
Excited about applying security practices within an existing development workflow in a non-intrusive way.
A great teammate, helping to teach along the way.
🌱 How you’ll grow in one month
Gain a foundational understanding of the ReadMe application and supporting projects through a security lens.
Build a rapport with the development team as a proactive partner.
Become familiar with our existing security policies.
🪴 Within three months, you'll...
Actively take part in new code reviews related to customer data, authentication and authorization, and infrastructure.
Begin to build a “short-list” of security hot items, alongside engineering and product leadership, that would improve our security posture.
Become a trusted go-to advisor during the ideation of new product initiatives and technical solutions.
🌳 Within six months, you'll...
Perform audits of our existing product architecture, highlighting key vulnerabilities and gaps that may remain.
Build automations to assist in developing a more secure product directly within our development workflow.
Directly assist remediation and communication in the event of a security incident in line with our incident response plan.
🛣️ What's the hiring process like?
We can’t wait to read your resume and (hopefully personality-filled) cover letter! Let us know what excites you about developer products, and help us get to know you better.
If we think we might be a good fit for you, we’ll set up a 30-minute phone chat with Kenny, our VP of Engineering. He’ll tell you more about the role, and get a chance to hear about your experiences.
Next will be a second 30-minute phone interview with Greg, our Founder & CEO, where we’ll dive a bit more into your background.
Then we’ll invite you to an "onsite" interview conducted over Zoom! These usually take 3.5 to 5 hours including an hour break in between. We are able to be flexible with the schedule and split it up over two days if that works best for you! We start with a 15-minute get-to-know-you with the team so you can meet the people you’ll be working with, and then have you talk with people one-on-one later on.
We’ll let you know how things went within a week! If it still seems like a good fit all around, we’ll extend you an offer. If not, we will update you to let you know so you aren’t left hanging.
✨ Our benefits include…
Unlimited PTO with a three-week minimum. 🏝️
Fully covered medical, dental, and vision insurance for you, and 100% for your dependents. 🩺
A One Medical membership. 🧑‍⚕️
A gym or fitness stipend of up to $150 per month. 🏋️
One-to-one donation matching of up to $1,000 per year. 💸
Twelve weeks of paid parental leave after the birth or adoption of a child. 🐣
Work from home. 🏠
Three offsite retreats per year to get together with coworkers and plan for the quarter ahead. ✈️
Take a look at our handbook for more information on our benefits! 📘
At ReadMe, we’re committed to cultivating a diverse and inclusive workplace. We welcome people of all backgrounds, experiences, abilities, and perspectives. We are an equal opportunity employer and a pleasant and supportive place to work. We'd love to have you come join us here! ReadMe is open to hiring folks fully remote in the US, hybrid, or in-person at our San Francisco HQ.