Application Security Engineer
Airtable (View all Jobs)
San Francisco, CA
Interview Process
1. Take home project that resembles a problem Airtable solves for 2. Five hour on-site which includes a discussion of the project, UI design, discussing architectural tradeoffs, and code debugging.
Salary
$170,000
Programming Languages Mentioned
C#, JavaScript
Airtable is the no-code app platform that empowers people closest to the work to accelerate their most critical business processes. More than 500,000 organizations, including 80% of the Fortune 100, rely on Airtable to transform how work gets done.
Airtable's mission is to enable anyone to create software. Users can only create fearlessly when they trust that their data is safe with us. Therefore, security is built into everything we do: product design, feature development, architecture, operations, and customer support. We're building a world-class cybersecurity team, seeking the brightest minds to innovate and create real solutions that solve the challenges facing the internet community. To accomplish this, our team will be performing research, serving as subject matter experts, and presenting our work at conferences.
We are looking for an Application Security Engineer to help drive and implement technical strategies, innovative tooling, research, and processes. You'll collaborate and partner with cross-functional teams to help define and execute innovative AppSec strategies and help build a best-in-class AppSec program.
This person will need to be in our San Francisco office 2-3 times per week.
What you'll do
- Drive security into design and development through performing application security reviews, architecture and design reviews, threat modeling, including code reviews and application security testing.
- Partner and collaborate with development teams to support application vulnerability remediation efforts.
- Develop automated security testing to validate secure coding best practices.
- Perform application security testing to identify vulnerabilities in the core platform and services.
- Support Airtable’s bug bounty program.
- Support and consult with product and development teams in the area of application security.
- Promote security awareness through developing and delivering security training.
- Improve security frameworks, tools, processes and methodologies.
Who you are
- 3+ years of experience
- Experience with OWASP best practices, SAST, DAST, and other common security tools.
- Strong understanding and experience with common web application security flaws, security controls, and common security libraries.
- Experience identifying security issues in applications through code review, threat modeling, pen testing, manually and with tools.
- Development experience and skills, preferably with TypeScript and Node.JS.
- Basic understanding of network and web related protocols (such as TCP/IP, UDP, HTTP, HTTPS, protocols).
- Strong interpersonal skills and experience working with developers to promote secure SDLC.
- Be a subject matter expert (SME) of at least 1 technical area impacting the security of the product.
Airtable is an equal opportunity employer. We embrace diversity and strive to create a workplace where everyone has an equal opportunity to thrive. We welcome people of different backgrounds, experiences, abilities, and perspectives. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status or any characteristic protected by applicable federal and state laws, regulations and ordinances. Learn more about your EEO rights as an applicant.
VEVRAA-Federal Contractor
If you have a medical condition, disability, or religious belief/practice which inhibits your ability to participate in any part of the application or interview process, please complete our Accommodations Request Form and let us know how we may assist you. Airtable is committed to participating in the interactive process and providing reasonable accommodations to qualified applicants.
Compensation awarded to successful candidates will vary based on their work location, relevant skills, and experience.
Our total compensation package also includes the opportunity to receive benefits, restricted stock units, and may include incentive compensation. To learn more about our comprehensive benefit offerings, please check out Life at Airtable.
Please see our Privacy Notice for details regarding Airtable’s collection and use of personal information relating to the application and recruitment process by clicking here.
Please mention No Whiteboard if you apply!
I'm a one-man team looking to improve tech interviews, and could use any support! 😄