Senior Application Security Engineer at Drift
Drift is the Revenue Acceleration platform that uses Conversational Marketing and Conversational Sales to help companies grow revenue and increase customer lifetime value, faster. More than 50,000 businesses use Drift to align sales and marketing on a single platform to deliver a unified customer experience where people are free to have a conversation with a business at any time, on their terms. Our mission is to use conversations to make business buying frictionless, more enjoyable, and more human.
About the Role & Team:
Drift is seeking a Senior Application Security Engineer to help design, build, deploy and maintain secure products. We are ingraining security into the core of how we build our product from inception and design to deployment in the cloud and are seeking the right individual.
This high visibility role will work closely with Product and Engineering teams performing core application security practices like threat modeling, design review, secure code reviews, and security testing while continuously improving our SDLC.
What you’ll be doing on the Security team at Drift:
- Drive activities like application security training, requirements & standards, threat modeling, static & dynamic security testing and so on, into Drift’s development processes
- Identify, prioritize and promote security practices that create the most impact in reducing overall security risk of the application
- Provide application security guidance and oversight across Security, Engineering & Product teams
- Provide hands-on remediation guidance to development teams
- Influence the design and implementation of upcoming products and services with security and privacy by design mindset
- Take a risk-based approach, to prioritize remediation of security findings
- Develop and report metrics measuring the state of application security program
- Understand existing SDLC and identify how to improve and streamline it
- Take ownership of our Bug Bounty program, interface with researchers, and work with development teams to remediate findings
About you and what type of skills you’ll need:
- 3+ years of relevant experience
- BA/BS in Computer Science or a closely-related degree
- Strong knowledge of secure design practices such as Threat modeling and common software vulnerabilities such as CWE top 25 and OWASP Top 10.
- Experience as an application security practitioner in an Agile environment
- Experience with various development, debugging and application security tools
- Experience working with distributed teams and other cross-functional stakeholders
- Proactive, organized, analytical, detail-oriented and persistent
Drift is committed to being an equal opportunity employer
We know that applying for a new job can be intimidating. But guess what? At Drift, there is no such thing as an “ideal candidate.” We believe in the power of teamwork -- and in the desire to learn something new every day. We believe in hiring people, not just skills. Take it from our CEO.
If this sounds like a company you would like to join and a role you would thrive in, please don’t hold back from applying! Whatever skills you bring to the table or background you’re coming from, we welcome you to start a conversation with us. We need your unique perspective for our continued innovation and success. We’re looking forward to learning more about you!
Drift is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at [email protected]