: Application Security Engineer
222 Berkeley St., 6th Floor
Boston, MA 02116

Video

About Drift:

Drift is the Revenue Acceleration platform that uses Conversational Marketing and Conversational Sales to help companies grow revenue and increase customer lifetime value, faster. More than 50,000 businesses use Drift to align sales and marketing on a single platform to deliver a unified customer experience where people are free to have a conversation with a business at any time, on their terms. Our mission is to use conversations to make business buying frictionless, more enjoyable, and more human.

About the Role & Team:

Drift is seeking an Application Security Engineer to help design, build, deploy and maintain secure products. We are ingraining security into the core of how we build our product from inception and design to deployment in the cloud and are seeking the right individual. 

This high visibility role will work closely with Product and Engineering teams performing core application security practices like threat modeling, design review, secure code reviews, and security testing while continuously improving our SDLC.

What youll be doing on the Security team at Drift:

  • Drive activities like application security training, requirements & standards, threat modeling, static & dynamic security testing and so on, into Drifts development processes
  • Identify, prioritize and promote security practices that create the most impact in reducing overall security risk of the application
  • Provide application security guidance and oversight across Security, Engineering & Product teams
  • Provide hands-on remediation guidance to development teams
  • Influence the design and implementation of upcoming products and services with security and privacy by design mindset
  • Take a risk-based approach, to prioritize remediation of security findings
  • Develop and report metrics measuring the state of application security program
  • Understand existing SDLC and identify how to improve and streamline it
  • Take ownership of our Bug Bounty program, interface with researchers, and work with development teams to remediate findings

About you and what type of skills youll need:

  • BA/BS in Computer Science or a closely-related degree
  • 3+ years of relevant industry experience
  • Strong knowledge of secure design practices such as Threat modeling and common software vulnerabilities such as CWE top 25 and OWASP Top 10.
  • Development experience in one or more of these technologies: Java (Jersey), Elixir (Phoenix), JavaScript (React), AWS, Kubernetes
  • Experience as an application security practitioner in an Agile environment
  • Experience with various development, debugging and application security tools
  • Experience working with distributed teams and other cross-functional stakeholders
  • Proactive, organized, analytical, detail-oriented and persistent

Drift is committed to being an equal opportunity employer

We know that applying for a new job can be intimidating. But guess what? At Drift, there is no such thing as an ideal candidate. We believe in the power of teamwork -- and in the desire to learn something new every day. We believe in hiring people, not just skills. Take it from our CEO

If this sounds like a company you would like to join and a role you would thrive in, please dont hold back from applying! Whatever skills you bring to the table or background youre coming from, we welcome you to start a conversation with us. We need your unique perspective for our continued innovation and success. Were looking forward to learning more about you!

Drift is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at [email protected]

 

Full-time