Remote Lead Application Security Engineer

Description:

• The Lead Application Security Engineer will be responsible for building the AppSec program at Apollo.
• This role involves interacting with engineering to create a secure Software Development Life Cycle (SDLC).
• The engineer will implement tools, education, and processes to reduce the risk of security issues in the tech stack.
• Responsibilities include owning all aspects of the secure SDLC.
• The engineer will select or build tooling to help developers create secure code.
• They will provide overall security architectural advice to Engineering and IT.
• The role includes managing issues sourced from penetration tests and bug bounty programs.
• The engineer will manage the security champions program.
• They will assist Product, Engineering, and IT in incorporating security requirements into new products from inception.
• The engineer will help create and maintain Security Risk Models for new projects and existing systems.

Requirements:

• Candidates must have 7+ years of development experience with some security experience in the AppSec domain.
• Strong knowledge of Linux is required.
• Candidates should possess strong software development skills.
• Knowledge of common AppSec issues and tooling is necessary.
• The ability to influence others is essential.
• Experience with cloud services, ideally Google Cloud Platform (GCP), is preferred.
• Experience with vulnerability management or penetration testing is a plus.

Benefits:

• Apollo offers a great compensation package and a culture that thrives on openness and excellence.
• The company invests significant effort into developing the careers of its remote employees.
• Employees are empowered to own their roles as proactive educators within a collaborative environment.
• The team encourages experimentation and taking educated risks that can lead to significant wins.
• Employees will have support from a remote team to help achieve their goals.