Published: Sat, 02 Nov 2024 06:50:38 GMT
Senior Application Security Engineer at Mural
Mural is a leading visual work platform designed for enterprise teams to collaborate and innovate effortlessly. Our user-friendly visual workspace incorporates design-thinking techniques to enhance teamwork and productivity. Built with strict adherence to IT and regulatory standards, Mural is trusted by industry leaders including IBM, Microsoft, SAP, and Abercrombie & Fitch. Whether your team is remote, distributed, or in-office, Mural brings teams together to achieve their most important work.
ABOUT THE TEAM
The Product Security team at Mural plays a crucial role in identifying and mitigating risks within our platform. They also collaborate with other engineering teams to recommend security enhancements for our customers.
YOUR MISSION
As a Senior Application Security Engineer, you will be responsible for executing Mural’s product security strategy. This includes managing our public bug bounty program and performing SAST testing within our CI workflow. You will also work closely with developers to expand security testing coverage and conduct security reviews of product features. Your role will also involve educating and promoting secure coding practices within the company.
WHAT YOU’LL DO
– Conduct security reviews of Mural’s product features and architecture
– Manage and operate our bug bounty program
– Lead penetration testing and manage any identified risks
– Implement and maintain SAST and DAST technologies in our CI workflow
– Collaborate with Engineering teams to track and address product risks
– Work closely with Engineering to increase security testing coverage
– Foster relationships with security researchers, customers, and other stakeholders
– Produce metrics to track the effectiveness of our vulnerability management strategy
– Educate and promote secure coding best practices within the company
WHAT YOU’LL BRING
– 5+ years of experience in a product security role
– Experience in product security at a multi-tenant SaaS company preferred
– Knowledge of vulnerability management
– Deep understanding of web and mobile application security risks
– Strong understanding of Linux, Networking, Cryptography, and Cloud Architecture fundamentals
– Experience in software development with Node.JS or other frameworks like React or Angular
– Familiarity with MongoDB, Node.JS, Ruby, and/or Python preferred
– Participation in public or private Bug Bounty programs, or contributions to open source projects or security-related presentations or blog posts is a plus
– Excellent written and verbal communication skills in English
For individuals based in New York City, California, Colorado, and Washington, the base salary for this role ranges from $160,000 – $200,000 with benefits. Compensation will be determined based on factors such as location, level, job-related knowledge, skills, and experience. Some roles may also be eligible for variable compensation.
EQUAL OPPORTUNITY
We are committed to providing reasonable accommodations for individuals with disabilities to participate in the job application and interview process, perform essential job functions, and receive other employment benefits and privileges. Please contact us to request accommodation. Apply link
