Description:

The Lead Application Security Engineer will be responsible for building the AppSec program at Apollo.
This role involves interacting with engineering to create a secure Software Development Life Cycle (SDLC).
The engineer will implement tools, education, and processes to reduce the risk of security issues in the tech stack.
Responsibilities include owning all aspects of the secure SDLC.
The engineer will select or build tooling to help developers create secure code.
They will provide overall security architectural advice to Engineering and IT.
The role includes managing issues sourced from penetration tests and bug bounty programs.
The engineer will manage the security champions program.
They will assist Product, Engineering, and IT in incorporating security requirements into new products from inception.
The engineer will help create and maintain Security Risk Models for new projects and existing systems.

Requirements:

Candidates must have 7+ years of development experience with some security experience in the AppSec domain.
Strong knowledge of Linux is required.
Candidates should possess strong software development skills.
Knowledge of common AppSec issues and tooling is necessary.
The ability to influence others is essential.
Experience with cloud services, ideally Google Cloud Platform (GCP), is preferred.
Experience with vulnerability management or penetration testing is a plus.

Apollo offers a great compensation package and a culture that thrives on openness and excellence.
The company invests significant effort into developing the careers of its remote employees.
Employees are empowered to own their roles as proactive educators within a collaborative environment.
The team encourages experimentation and taking educated risks that can lead to significant wins.
Employees will have support from a remote team to help achieve their goals.