Security Engineer 1, Application Security

You will contribute to security assessments of client software, identify vulnerabilities across applications and systems, own pieces of client engagements, develop tools, perform threat modeling, and translate findings into actionable recommendations for engineers.

Responsibilities

Lead security assessments for specific components, modules, or systems within larger client engagements.
Find and validate real vulnerabilities in application code and systems; explain exploitation paths and impact.
Design and build security testing tools and automation for vulnerability detection.
Conduct threat modeling and architecture reviews of software systems; identify attack surfaces and mitigations.
Translate technical findings into clear, actionable recommendations for engineering teams; own client relationships for your component.
Contribute to security research initiatives and stay on the cutting edge of vulnerability research and application security.

Requirements

Proven ability to find and validate real vulnerabilities through methods such as CTF wins CVEs bug bounty or security research
Strong code analysis skills able to read complex code and identify logic flaws
Hands on coding proficiency in Rust Go C C++ Python JavaScript or TypeScript
Memory safety understanding and familiarity with mitigations such as ASLR DEP CFI
Deep systems knowledge including operating systems IPC privilege boundaries and OS internals
Autonomous problem solving and ability to drive engagements without handholding
Clear technical communication to explain security findings to engineers

Benefits

Company paid health dental vision disability and life insurance
401(k) with 5% match
20 days of paid vacation
4 months of parental leave
Relocation assistance up to $10,000 for NYC move
Working-from-Home stipend of $1,000
Annual Learning and Development stipend of $750
Company sponsored all-team celebrations including travel and accommodation
Philanthropic contribution matching up to $2,000 annually