Senior Application Security Engineer (Remote Eligible)

Apply for this position Please mention DailyRemote when applying
Posted 11 days ago United States Salary undisclosed
Before you apply - make sure the job is legit.

Attempting to apply for jobs might take you off this site to a different website not owned by us. Any consequence as a result for attempting to apply for jobs is strictly at your own risk and we assume no liability.

Job Description

Smartsheet is looking for a Senior Application Security Professional to join our DevSecOps / product security team.

The Smartsheet Information Security team owns the entire portfolio of product security practices and focuses on a tools-based approach that automates the detection of commonly identified security weaknesses, eliminates risk through secure frameworks and paved-path designs, and empowers engineering to build products quickly and securely. Trust is one of our core values, and as an engineering organization, trust requires maintaining and improving on systems that secure our customers' data.

You will report to our Director of Product and Application Security. Work will begin remotely (available in registered states only) until deemed safe to return to the office, after which both onsite and remote options will remain available.

You Will:
  • Be an integrated collaborator and resource with the development and engineering teams to help address security within the application/service
  • Lead the pen test program that ensures products are developed to meet security standards
  • Lead the bug bounty program
  • Assess and validate security vulnerabilities and support engineering efforts to design remediation/mitigation solutions
  • Participate in the security champions program and help advocate for secure development practices
  • Contribute to architecture and design of applications and services
  • Automate security testing as part of the development lifecycle
  • Perform application threat modeling
  • Perform static and dynamic testing
  • Evaluate and implement AppSec technologies and tools
  • Help establish application and product security standards

You Have:
  • Verifiable expertise in application security for web-based and cloud applications
  • Senior-level knowledge of authentication and authorization systems
  • Familiarity with SAST/DAST tools
  • Strong understanding of DevSecOps frameworks and concepts (BSIMM, shift-left , etc. )
  • 4+ years of experience in application and/or product security
  • Comprehensive knowledge of common application security attack vectors and security best practices to mitigate application attacks (e.g. OWASP )

Perks & Benefits:
  • 100% employer-paid medical, dental, and vision coverage for full-time employees
  • Equity - Restricted Stock Units (RSUs) with all offers
  • Lucrative Employee Stock Purchase Program (15% discount)
  • 401k Match to help you save for your future (50% of your contribution up to the first 6% of your eligible pay)
  • Monthly stipend to support your work and productivity
  • Flexible Time Away Program, plus Incidental Sick Leave
  • Up to 24 weeks of Parental Leave
  • Personal paid Volunteer Day to support our community
  • Opportunities for professional growth and development including access to LinkedIn Learning online courses
  • Company Funded Perks, including a counseling membership, primary care membership, local retail discounts, and your own personal Smartsheet account
  • Teleworking options from any registered location in the U.S. (role specific)

Equal Opportunity Employer:

Smartsheet is an Equal Opportunity Employer committed to fostering an inclusive environment with the best employees. We provide employment opportunities without regard to any legally protected status in accordance with applicable laws in the US, UK, and Australia. If there are preparations we can make to help ensure you have a comfortable and positive interview experience, please let us know.

At Smartsheet, we strive to build an inclusive environment that encourages, supports, and celebrates the diverse voices of our team members who also represent the diverse needs of our customers. We're looking for people who are driven, authentic, supportive, effective , and honest. You're encouraged to apply even if your experience doesn't precisely match our job description -if your career path has been nontraditional, that will set you apart. At Smartsheet, we welcome diverse perspectives and people who aren't afraid to be innovative -join us!