Remote Senior Application Security Developer

at Upgrade

Posted 5 days ago 1 applied

Description:

  • Upgrade is a fintech company that provides affordable and responsible credit, mobile banking, and payment products to everyday consumers.
  • The company was the fastest growing in the Americas last year according to the Financial Times and Upgrade Card was the fastest growing credit card in America for two consecutive years.
  • Upgrade has delivered over $33 billion in affordable and responsible credit to 5.5 million customers and is valued at $6.3 billion.
  • The company fosters an energizing, collaborative, and inclusive culture where team members support each other and innovate.
  • Upgrade has been recognized as a “Best Place to Work in the Bay Area” for three consecutive years and has received awards for diversity, women, culture, and veterans.
  • The Senior Application Security Developer will help scale static and dynamic code analysis, handle manual and automated pen-testing, and lead the improvement of the AppSec posture.
  • The role involves collaboration with DevOps, QA, and Engineering to enhance the security of applications in a cloud (AWS) microservices environment.

Requirements:

  • Candidates must have 5+ years of relevant work experience.
  • Experience with agile development processes and integrating secure development practices is required.
  • Proficiency in writing and testing web applications, mobile applications, and microservices is necessary.
  • Familiarity with GraphQL architecture and security best practices is expected.
  • A basic understanding of authentication and authorization schemes, including OAuth, is required.
  • Candidates should be familiar with various development and testing tools.
  • Experience with one or more SAST, DAST, and IAST tools is essential.
  • The ability to explain vulnerabilities and weaknesses, and discuss effective defensive techniques is necessary.
  • Experience with cyber security attacks and mitigation methods, including red/blue team experience, is required.
  • Candidates should have experience with web applications and browser security, security assessments, penetration testing, identity and access control, applied cryptography, and security protocols.
  • Expertise in analytics and threat intelligence techniques, incident response processes, and software security is required.
  • Experience in IT supply-chain risk management and assurance, as well as cloud security operations, is necessary.
  • Basic familiarity with Python for security tool automation is a plus.

Benefits:

  • The position offers a competitive salary and stock option plan.
  • Employees receive 100% paid coverage of medical, dental, and vision insurance.
  • Flexible PTO is provided to support work-life balance.
  • A competitive 401(k) and RRSP program is available.
  • Opportunities for professional growth and development are offered.
  • Paid parental leave is included as a benefit.
  • Health and wellness initiatives are part of the benefits package.

Get realtime job alerts

Be the first to know about new jobs

Join Telegram Community or Join Discord Community