Senior Application Security Engineer
Remote job description
Codecademy was started in 2011 by two college students in a dorm room at Columbia that were frustrated by the huge gap between education and employment. Almost a decade later, we are a rapidly growing, diverse team of about 200 distributed through North America and headquartered in SoHo, NYC. We've raised over $87.5m in venture capital funding from top investors including Kleiner Perkins, Naspers, Owl Ventures, Union Square Ventures, Y Combinator, and more.
If you want to help build a business that impacts tens of millions of people each year and helps them lead better lives, join us!
The Security & Compliance team helps to improve our security posture as we begin building our security and compliance programs. We will provide subject matter expertise on authentication, authorization, and other security implementations. Also coordinating security operations, including incident response, vendor risk management, asset management, security awareness training, privilege management, monitoring/detection, and other security and compliance processes.
If you're passionate about building out and further maturing our controls, starting with fundamentals like access control, incident response, vulnerability management, asset management, security awareness, and education, this is the team for you.
What you'll do
- Work with Engineers, Product Managers, and Designers at the earliest planning and design phases
- Implement automated security testing across the software development lifecycle
- Conduct penetration tests and security reviews for core applications and APIs
- Collaborate and advise engineering teams on building authentication, authorization, and encryption solutions
- Develop tools to test, monitor, and enforce security across our applications
- Collaborate and advise engineering teams to build authentication, authorization, encryption, and other security implementations
- Coordinate with external security researchers testing our application.
What you'll need
- A minimum of 5 years of application security experience
- Experience with threat modeling and conducting web application security assessments
- Experience with a variety of security testing methodologies, including fuzzing and source code analysis
- Experience with secure networking best practices
- Knowledge of web application vulnerabilities and attack methods. Including OWASP top 10 and other vulnerabilities.
- Familiarity with containerization technologies
- Passionate about learning new things and excited to share knowledge
- Ability to work closely with Engineers and other stakeholders
What will make you stand out
Extensive development experience
Company name: Codecademy
Remote job title: Senior Application Security Engineer
Job tags: pre-revenue, freemium, education