Security Engineer, Application Security

About The Position

Requirements

• Application Security Expertise: Extensive experience in software security, with demonstrated ability to identify and mitigate application and system-level vulnerabilities in code across complex enterprise software and understanding of security controls.
• Assessment Experience: Track record of conducting technical security assessments of software, including software and system hardening, security policy analysis, and implementing effective security measures; Experience with Android, iOS, and/or macOS system internals a plus.
• Technical Capabilities: Deep understanding of system internals and security boundaries, experience with manual code reviews, static and dynamic analysis tools, expertise in secure development practices, experience with binary analysis and reverse engineering, and understanding of memory corruption vulnerabilities and mitigations.
• Programming Proficiency: Strong knowledge of multiple programming languages such as Rust, Golang, Kotlin, Swift, Objective-C, JavaScript/TypeScript, Python, Ruby, C and/or C++ for both security analysis and tool development.
• Communication Skills: Ability to effectively communicate complex security concepts to diverse stakeholders and deliver clear, actionable recommendations.

Nice To Haves

• Assessment Experience: Track record of conducting technical security assessments of software, including software and system hardening, security policy analysis, and implementing effective security measures; Experience with Android, iOS, and/or macOS system internals a plus.

Responsibilities

• Security Assessment: Conduct comprehensive low-level code security assessments across applications, examining vulnerabilities in system services, access control implementation, inter-process communication, and platform security controls while developing mitigation strategies.
• Security Tool Development: Design and implement custom security tools for automated vulnerability detection, focusing on both application-specific and general security testing needs to bridge the gap between vulnerability research and application security.
• Architecture Review: Perform detailed architecture reviews and threat modeling of complex software systems and cloud environments, identifying potential security weaknesses in areas such as data flows, authentication mechanisms, and API security while providing remediation guidance.
• Client Engagement: Work directly with industry-leading teams to review their application infrastructure and architecture, helping secure their environments through deep technical analysis and recommendations.
• Research & Innovation: Contribute to the advancement of application security, developing new methodologies and tools while staying up to date with the latest security developments in both traditional and emerging technology ecosystems.

Benefits

• Competitive salary complemented by performance-based bonuses.
• Fully company-paid insurance packages, including health, dental, vision, disability, and life.
• A solid 401(k) plan with a 5% match of your base salary.
• 20 days of paid vacation with flexibility for more, adhering to jurisdictional regulations.
• 4 months of parental leave to cherish the arrival of new family members.
• Our team is global and remote-first. However, if you are interested in moving to NYC, we offer $10,000 in relocation assistance to support your transition.
• $1,000 Working-from-Home stipend to create a comfortable and productive home office.
• Annual $750 Learning & Development stipend for continuous personal and professional growth.
• Company-sponsored all-team celebrations, including travel and accommodation, to foster community and recognize achievements.
• Philanthropic contribution matching up to $2,000 annually.