Lead Application Security Engineer
Apollo.io
·
Posted:
July 31, 2023
·
Remote
About the position
The Lead Application Security Engineer at Apollo.io will be responsible for establishing and managing the AppSec program. This role involves collaborating with the engineering team to implement a secure software development lifecycle (SDLC) and implementing tools, education, and processes to mitigate security risks in the tech stack. The engineer will also provide security architectural advice, manage issues from penetration tests and bug bounty programs, and assist in incorporating security requirements into new products. The ideal candidate should have a strong background in development, particularly in Ruby or similar languages, and possess knowledge of common application security practices.
Responsibilities
- Own all aspects of the secure SDLC
- Select or build tooling to help developers build secure code
- Provide overall security architectural advice to Engineering and IT
- Manage issues sourced from penetration tests and bug bounty programs
- Manage security champions program
- Help Product, Engineering, and IT incorporate security requirements into new products from inception
- Assist in the creation and maintenance of Security Risk Models for new projects and existing systems
Requirements
- 7+ years of development with some security experience in the AppSec domain
- Strong Linux knowledge
- Strong software development skills ideally in Ruby or similar languages
- Ability to influence others
- Knowledge of common AppSec
Benefits
- Great compensation package
- Culture that thrives in openness and excellence
- Development of remote employees' careers
- Empowerment to own your role as a proactive educator
- Collaborative work environment
- Support and encouragement for experimentation and educated risks
- Team support and assistance in achieving goals