Security Engineer

Coda is seeking an experienced security engineer to join their team. The role involves designing and developing security features, implementing security policies, and driving Secure Development Lifecycle initiatives. The engineer will also be responsible for managing bug bounty and pen-test programs, as well as collaborating with cross-functional teams to provide security guidance. The ideal candidate should have a technical background, proficiency in programming languages, and extensive experience in web application security.

• Design, develop, and support security features
• Design and develop systems and processes to secure Coda infrastructure
• Drive Secure Development Lifecycle initiatives like establishing best-practice security policies across the company, threat model reviews & security-focused code reviews
• Manage our public bug bounty and third party pen-test programs
• Collaborate with cross-function teams to provide guidance on security

• Bachelor's degree or equivalent experience in a technical focused discipline such as computer science, engineering or math
• Proficiency with Python, JavaScript, TypeScript or NodeJS, or any other modern programming language
• 5+ years experience in web application security
• Knowledge of web-based security protocols & frameworks
• Knowledge of network security, authentication, and cryptography
• Knowledge of AWS infrastructure with a particular focus on security (IAM, Role-based security, etc)

• Highly competitive cash compensation, equity, and benefits
• Medical, Dental, Vision and Life Insurance
• 401k
• Optional Remote or in-office work
• Commuter Benefits
• Cell & Internet Subsidy
• Lunch Subsidy
• Fitness Subsidy
• Parental Leave
• Annual Educational Stipend