Glassdoor
Senior Application Security Engineer
Glassdoor, Charlotte, North Carolina, United States, 28245
When you work for Glassdoor, you help people everywhere get ahead in work and life. That’s because we’re moving fast to become the leading community for workplace conversations. Every day, we foster radical transparency by giving professionals a platform to connect authentically and anonymously. Think real talk with real people — plus company reviews and ratings, salary info, job listings and more.Join us as we make worklife better, together.About the RoleAs a Sr Application Security Engineer, you will be improving Glassdoor's application security posture and keeping our platform safe for millions of customers around the world! We are looking for someone who loves to analyze, test and triage application vulnerabilities, manage our public bug bounty program, participate in code and product security reviews, and help our Developers bake security into their day-to-day workflows and CICD. You will partner closely with our Product and Engineering teams, our vendors, and external testers, so solid interpersonal skills are a must. This role is a great opportunity to advance an application security program and drive remediation of security weaknesses with an enterprise-wide impact!What You'll DoBe an advocate for application security within the organizationHelp develop and maintain a risk-based application security program based on a well-defined application security frameworkEnhance and manage Glassdoor’s public bug bounty program, application security tool stack and automated security checks in the CICD pipeline to optimize vulnerability and misconfiguration detectionFind common patterns and themes within application vulnerabilities and work with Engineering teams to address the root causesParticipates in the strategic decisions related to the requirements, design, implementation, and operations of application security framework, processes, and technologyExecute security-focused code, architecture and integration reviewsCoordinate or conduct penetration testing and drive remediation efforts to completionKeep abreast of the latest security issues and technologiesOwn and improve process and procedural documentationParticipate in on-call rotation (nights and weekends) for Security Operations alert responseAssist with daily activities and functions of the Security team (including alert & incident response) to maintain security posture as well as policy and compliance commitments5+ years of experience in web application penetration testing or a security-focused application development role is a mustAWS Security, CISSP, CEH, GWEB, GCIH or equivalent certifications are preferredDeep knowledge and familiarity with Cybersecurity Framework, including NIST 800-53, NIST CSF, CIS Top 20, MITRE ATT&CK, and OWASP Top TenDeep knowledge of crypto, authentication and authorization protocols and standards, including SSL/TLS, SAML, OAuth, JWT Tokens is a mustPossess a relentless desire to (ethically) break into things and can communicate the attack scenarios and mitigation options based on standard framework is desiredAbility to automate repetitive tasks, using Python or other scripting language, is a plusAbility to work in a diverse, fast-paced environment and effectively collaborate across teamsOutstanding written and oral communication skills with demonstrated ability to clearly articulate to both a technical and functional audienceCompensation and Benefits
Base salary range*: $112,200.00 - $149,000.00
*Glassdoor base salaries are targeted to the market 75th percentile for technical roles and the 65th percentile for non-technical roles. In other words, 65-75% of comparable organizations in our industry will pay less.**
Bonuses are paid in 6-month intervals, aligning with bi-annual performance reviewsGenerous Restricted Stock Units (RSU):***Restricted Stock Units (RSU) are awarded at hire and may be refreshed annually. Additionally, as a pay-for-performance company, RSU grant awards are presented bi-annually to exceptional performers.Health and Wellness:
100% employer-paid premiums for employee medical, dental, vision, life, short and long-term disability, select well-being programs, along with 80% employer-paid premiums for all dependents.Generous paid time off programs for birthing and non-birthing parents are provided, along with paid injury/illness leave and paid family emergency leave.Coverage begins at the start of employment. After 48 months of continuous employment, 100% of all premiums for you
and
your dependents can be employer-paid!
Work/Life Balance: Open Paid Time Off policy, in addition to 15-20 paid company holidays/yearInvesting in Your Future:
401(k) plan with a company match up to $5,000 per year, subsidized fertility and family planning services, and discounted legal assistance services.Our Commitments
Come as you are:
At Glassdoor diversity is not a slogan; it’s a core factor in our success. We welcome your background, experience and ideas because you help us understand and better serve our world. You make us stronger.Grow your career:
Glassdoor is small enough for you to see the impact of your contributions, while large enough to offer significant resources and endless opportunities to grow. This is a great place to make a career.Find your people:
Ask anyone who works here: it’s the people who make the difference. We are a group of well-rounded humans who support one another and work hard together to bring the Glassdoor mission to life.Discover flexibility:
With flexible hours and a where-to-work policy, Glassdoor allows you to take on professional and personal responsibilities — enhancing both productivity and your well-being.Glassdoor is committed to equal treatment and opportunity in all aspects of recruitment, selection and employment without regard to race, color, religion, national origin, ethnicity, age, sex, marital status, physical or mental disability, gender identity, sexual orientation, veteran or military status or any other category protected under the law. Glassdoor is an equal opportunity employer; committed to creating a community of inclusion, and an environment free from discrimination, harassment and retaliation.Where-to-Work PolicyBeing a remote-first company, Glassdoor employees can live anywhere Glassdoor is a registered company. Requests to move must be approved by an employee’s manager and the People team. While we will try our best to support relocation requests, some requests may not be approved due to various tax, legal, or other restrictions.Enjoy Remote and Explore: Employees authorized to work in their current location may Work Away for up to a total of 30 (thirty) working days in a calendar year without permanent relocation and compensation change. Employees on visas may work Work Away for up to a total of 20 (twenty) working days in a calendar year without permanent relocation and compensation change. The amount of time and location for Work Away must be approved by the employee’s manager and People Operations team at least two (2) weeks in advance of travel.
#J-18808-Ljbffr
Base salary range*: $112,200.00 - $149,000.00
*Glassdoor base salaries are targeted to the market 75th percentile for technical roles and the 65th percentile for non-technical roles. In other words, 65-75% of comparable organizations in our industry will pay less.**
Bonuses are paid in 6-month intervals, aligning with bi-annual performance reviewsGenerous Restricted Stock Units (RSU):***Restricted Stock Units (RSU) are awarded at hire and may be refreshed annually. Additionally, as a pay-for-performance company, RSU grant awards are presented bi-annually to exceptional performers.Health and Wellness:
100% employer-paid premiums for employee medical, dental, vision, life, short and long-term disability, select well-being programs, along with 80% employer-paid premiums for all dependents.Generous paid time off programs for birthing and non-birthing parents are provided, along with paid injury/illness leave and paid family emergency leave.Coverage begins at the start of employment. After 48 months of continuous employment, 100% of all premiums for you
and
your dependents can be employer-paid!
Work/Life Balance: Open Paid Time Off policy, in addition to 15-20 paid company holidays/yearInvesting in Your Future:
401(k) plan with a company match up to $5,000 per year, subsidized fertility and family planning services, and discounted legal assistance services.Our Commitments
Come as you are:
At Glassdoor diversity is not a slogan; it’s a core factor in our success. We welcome your background, experience and ideas because you help us understand and better serve our world. You make us stronger.Grow your career:
Glassdoor is small enough for you to see the impact of your contributions, while large enough to offer significant resources and endless opportunities to grow. This is a great place to make a career.Find your people:
Ask anyone who works here: it’s the people who make the difference. We are a group of well-rounded humans who support one another and work hard together to bring the Glassdoor mission to life.Discover flexibility:
With flexible hours and a where-to-work policy, Glassdoor allows you to take on professional and personal responsibilities — enhancing both productivity and your well-being.Glassdoor is committed to equal treatment and opportunity in all aspects of recruitment, selection and employment without regard to race, color, religion, national origin, ethnicity, age, sex, marital status, physical or mental disability, gender identity, sexual orientation, veteran or military status or any other category protected under the law. Glassdoor is an equal opportunity employer; committed to creating a community of inclusion, and an environment free from discrimination, harassment and retaliation.Where-to-Work PolicyBeing a remote-first company, Glassdoor employees can live anywhere Glassdoor is a registered company. Requests to move must be approved by an employee’s manager and the People team. While we will try our best to support relocation requests, some requests may not be approved due to various tax, legal, or other restrictions.Enjoy Remote and Explore: Employees authorized to work in their current location may Work Away for up to a total of 30 (thirty) working days in a calendar year without permanent relocation and compensation change. Employees on visas may work Work Away for up to a total of 20 (twenty) working days in a calendar year without permanent relocation and compensation change. The amount of time and location for Work Away must be approved by the employee’s manager and People Operations team at least two (2) weeks in advance of travel.
#J-18808-Ljbffr