Match score not available

Unlock Premium Benefits Today!
🚀 Elevate your career with priority access.
Stand out to top recruiters with Jobgether Priority Access:
  • ✅ Top Match: We help you identify job offers where you're a perfect fit.
  • ✅ Exclusive Referral Service: Connect directly with recruiters as a Jobgether Certified Premium User.
  • ✅ Personalized Feedback: Receive feedback and expert guidance on applications, and have your profile manually reviewed.

Start Your Free Trial Now!

Start my free trial

Senior Application Security Engineer

extra holidays - extra parental leave - work from anywhere - fully flexible
Remote: 
Full Remote
Contract: 
Full time
Salary: 
160 - 200K yearly
Experience: 
Senior (5-10 years)
Work from: 
United States

Offer summary

Qualifications:

5+ years experience in product security, Experience in multi-tenant SaaS preferred, Expertise in vulnerability management, Understanding of web & mobile security risks, Development experience with Node.JS or similar frameworks.

Key responsabilities:

  • Perform security reviews of product features
  • Manage bug bounty program operations
  • Lead penetration testing and risk management
  • Implement SAST and DAST in CI workflow
  • Educate on secure coding best practices
MURAL logo
MURAL Internet SME https://www.mural.co/
501 - 1000 Employees
About MURAL
MURAL is the leading provider of digital workspaces for guided visual collaboration. Different from online whiteboarding and design software, the MURAL® platform transforms teamwork by making meetings and workshops interactive experiences that are designed for problem solving, play, and imagination. Teams in product, consulting, leadership, innovation, technology, and sales and customer success, among others, innovate, strategize, plan, and reflect using MURAL’s visual thinking canvas. The platform provides hundreds of visual methods, or templates, as well as Facilitation Superpowers™ features to guide teams through especially complex, difficult teamwork. Tens of thousands of teams at companies such as IBM, Intuit, Facebook, Publicis Sapient, USAA, SAP, Thoughtworks, and Atlassian, as well as MURAL’s other customers, use the platform to foster inclusive, imaginative teamwork and turn shared ideas into a shared reality—at any time and from anywhere. Start your free forever workspace at mural.co MURAL is headquartered in San Francisco and employs over 600 people working across six time zones around the world like Buenos Aires, Atlanta, and across Europe.
See more MURAL offers

Job description

Mural, the leading visual work platform for the enterprise, makes teamwork feel like less work. Our intuitive visual workspace enables teams to easily work together and collaborate better using proven design-thinking techniques. Built for enterprise teams, Mural meets the most stringent of IT and regulatory requirements. Industry leaders — including IBM, ‌Microsoft, SAP, and Abercrombie & Fitch — choose Mural to help their teams accelerate innovation and problem solving at scale. Whether your team is fully remote, distributed, in the office, or still figuring it out, Mural brings teams across the enterprise together to do the work that matters most.

ABOUT THE TEAM

The product security plays a vital role in identifying and mitigating risks within the Mural product as well as partnering with other engineering teams to recommend product features that enhance security for our customers.

YOUR MISSION

As an Application Security Engineer, your role will involve executing the MURAL product security strategy. You will manage Mural’s public bug bounty submissions, SAST testing within our CI workflow. Collaborating closely with developers, you will work to expand security testing coverage and lead security reviews of MURAL product features. Additionally, you will play a crucial role in educating and promoting secure coding best practices.

WHAT YOU'LL DO
  • Performing security reviews of Mural product features and architecture
  • Manage and operate our bug bounty program
  • Lead penetration testing and manage any risks to remediation
  • Implementation and operation of SAST and DAST technologies in the CI workflow
  • Working closely with Engineering teams to track and manage product risks to remediation
  • Working closely with Engineering to increase coverage of security testing
  • Communicating and nurturing relationships with security researchers, customers, and other stakeholders
  • Producing metrics to help track the health of our product vulnerability management strategy
  • Educating and evangelizing secure coding best practices
WHAT YOU'LL BRING
  • 5+ years experience in a product security focused role
  • Experience with product security at a multi-tenant SaaS company preferred
  • Experience with vulnerability management
  • Deep understanding of web application and mobile application security risks
  • Deep understanding of Linux, Networking, Cryptography, and Cloud Architecture fundamentals
  • Software development experience with Node.JS or other frameworks like React, Angular, etc. is a preferred
  • Familiarity with MongoDB, Node.JS, Ruby, and/or Python is preferred. 
  • If you have participated in public or private Bug Bounty programs, or have any other open source or community contributions, presentations, or blog posts in the security space, please share it with us!
  • Excellent command of English, both written and verbal

For roles based in New York City, California, Colorado, and Washington, the base salary for this role ranges from $160,000 - $200,000 + benefits. Compensation offered will be determined by factors such as location, level, job-related knowledge, skills, and experience. Certain roles may be eligible for variable compensation.

Equal Opportunity 

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Required profile

Experience

Level of experience: Senior (5-10 years)
Industry :
Internet
Spoken language(s):
EnglishEnglish
Check out the description to know which languages are mandatory.

Hard Skills

CryptographyProduct SecurityCloud Computing ArchitectureLinuxAngular (Web Framework)Secure Coding Best PracticesMongoDBMicrosoft NetworkingMobile SecurityReact.js (Javascript Library)Python (Programming Language)Node.js (Javascript Library)Vulnerability ManagementRuby (Programming Language)Software DevelopmentWeb Application SecurityBusiness MetricsSecurity Testing

Other Skills

  • Verbal Communication Skills
  • Collaboration
Are you interested?

Security Engineer Related jobs

See more Security Engineer jobs
Sign in or sign up with Google or LinkedIn