Lead Application Security Engineer

The Lead Application Security Engineer at Apollo.io will be responsible for establishing and managing the AppSec program, ensuring the implementation of secure software development practices, and reducing the risk of security issues in the tech stack. They will collaborate with the engineering team to create a secure SDLC, select or develop tools for building secure code, and provide security architectural advice. Additionally, they will manage issues from penetration tests and bug bounty programs, oversee the security champions program, and assist in incorporating security requirements into new products. The ideal candidate should have a strong background in development, security experience in the AppSec domain, and proficiency in Linux and software development languages like Ruby.

• Own all aspects of the secure SDLC
• Select or build tooling to help developers build secure code
• Provide overall security architectural advice to Engineering and IT
• Manage issues sourced from penetration tests and bug bounty programs
• Manage security champions program
• Help Product, Engineering and IT incorporate security requirements into new products from inception
• Assist in the creation and maintenance of Security Risk Models for new projects and existing systems

• 7+ years of development with some security experience in the AppSec domain
• Strong Linux knowledge
• Strong software development skills ideally in Ruby or similar languages
• Ability to influence others
• Knowledge of common AppSec practices

• Great compensation package
• Culture that thrives in openness and excellence
• Remote-first inclusive organization
• Clear expectations and environment to do your best work
• Ample reward for your work
• Development of remote employees' careers
• Empowerment to own your role as a proactive educator
• Collaborative work environment
• Support and encouragement for experimentation and educated risks
• Whole team remotely by your side to help you