Senior Engineer - Application Security

Senior Engineer – Application Security

Have previously worked in an AppSec or other software-focused role such as DevSecOps engineer, SRE, or platform engineer.
Have experience with modern principles of deploying software in containers across multiple teams and infrastructure environments.
Have experience with static and dynamic application security tooling and testing (SAST/DSAT).
Have experience with continuous integration environments, writing testable software, and test-driven development.
Have working knowledge of the OWASP Top 10 web and mobile controls as well as risk-based security practices, including threat modeling.
Hands on experience with cloud security, preferably in an AWS and Kubernetes environment.
Program expertly in at least one high-level language such as Go, Scala, Python, or Ruby.

Being responsible for analyzing the security of applications and services, discovering and addressing security issues, building security automation, and quickly reacting to new threat scenarios.
Working with Strava engineers to create secure-by-default solutions to business problems.
Building empathy for your fellow engineers by developing a deep understanding of the product development process end-to-end.
Seeking out engineering solutions to problems and eschewing toil.

Can improvise and adapt. Rote processes won’t always work here, so bring your bag of tricks.
Are a strong, clear, and proactive communicator who values sharing knowledge with others. We are a distributed company spread across many time zones, dependent on many forms of communication to collaborate and achieve our goals.