Published: Sun, 27 Oct 2024 16:51:05 GMT
Lattice is looking for a highly skilled and experienced Senior Application Security Engineer to join our Engineering team. As a member of our team, you will have the opportunity to work with a modern tech stack and collaborate with designers and product managers to improve our product and ensure an exceptional user experience.
In this role, you will be responsible for providing guidance and support to our product developers in building secure applications for our customers. Your responsibilities will include working on various areas such as application security, infrastructure security, and software supply chain. You will also be involved in developing and managing tools, as well as serving as a consultant and partner for product developers. This position requires a strong balance of technical expertise and collaboration skills.
Your day-to-day tasks will include reviewing design proposals, writing design proposals, meeting with development teams to discuss their approaches and challenges, developing training materials, coding, and triaging bugs to understand their risks and remediations. You will also play a crucial role in determining the best practices and processes for our team.
Key Responsibilities:
– Mentor and advise product development teams on application security
– Reproduce, triage, and address application security vulnerabilities
– Implement security processes and automated tools to prevent security issues
– Design and implement secure code libraries and patterns
– Conduct security-focused code reviews
– Collaborate with infrastructure teams to ensure system security
– Support the bug bounty program
– Evaluate and implement security tools such as SAST/DAST and cloud security analysis tools
– Lead application security reviews and threat modeling
– Develop security training and share with product development teams
Required Skills and Experience:
– Relevant software development experience, preferably with JavaScript/TypeScript, Python, or Ruby
– Familiarity with secure coding practices
– Experience with security tools and libraries such as static/dynamic analysis tools and penetration testing tools
– Understanding of common security flaws and their remediation methods (e.g. OWASP Top 10)
– Strong grasp of security libraries, controls, and flaws
– Excellent communication and collaboration skills
Preferred Experience:
– Familiarity with AI/LLMs for enhancing code quality and automating security analysis
– Knowledge of containerization (Docker, containerd, etc.) and Kubernetes
– Experience developing and operating cloud systems in AWS
– Understanding of GraphQL
We offer a competitive annual salary of $166,000 – $207,500 for this role, as well as incentive stock options. We also provide a comprehensive benefits package, including medical, dental, and vision insurance, life and disability insurance, parental leave, paid time off, commuter and parking accounts, and more.
At Lattice, we are committed to creating a diverse and inclusive workplace. We value equal treatment and opportunity for all employees, regardless of gender, race, religion, national origin, ethnicity, disability, gender identity/expression, sexual orientation, veteran or military status, or any other category protected under the law. We are an equal opportunity employer and strive to provide an environment free from discrimination, harassment, and retaliation.
By submitting your application, you consent to Lattice processing your personal information for the purpose of assessing your candidacy for this position in accordance with our Job Applicant Privacy Policy. Join us at Lattice and be a part of our mission to build thriving cultures where employees and companies can succeed.