Remote Sr. Application Security Engineer

Description:

• As a Sr. Application Security Engineer at Vimeo, you will engage in a variety of activities aimed at safeguarding users' content.
• You will plan, carry out, and lead security initiatives to monitor and protect sensitive data and systems from infiltration and cyber-attacks.
• Collaboration with developers, infrastructure security team, compliance team, IT, Product, and other teams throughout the organization is expected.
• The role is remote and requires a love for solving puzzles and being a great team player.
• Responsibilities include penetration testing, writing code for internal automated security tools, threat modeling, code reviews, managing the bug bounty program, expanding web application firewall coverage, remediation of security issues, configuring automated tooling in the secure software development lifecycle, developer education, incident response, and collaboration with various teams.
• A typical day may involve engaging with product development teams, reviewing code for security best practices, managing bug bounty tickets, conducting penetration tests, assisting the compliance team, and providing technical advice.

Requirements:

• Required: 4+ years of prior experience in software development, devops, or site reliability engineering with hands-on coding experience.
• Preferred: prior experience in Application Security.
• 6+ total years of relevant experience in Engineering, Application Security, or a similar technical field.
• Strong knowledge of modern web, mobile, and network security is essential.
• Strong programming skills in at least one of the following languages: Python, Go, PHP, Javascript, and Ruby, with the ability to read all of them.
• Expertise in application penetration testing using tools like Burp or Zap is required.
• Confidence in working across cloud environments like AWS and GCP, with detailed knowledge of at least one cloud environment.
• Proficiency in shell scripting and common SDLC components like git, Jira, Jenkins, etc.
• Ability to communicate technical security concepts to developers is necessary.
• At least an upper-intermediate level of English is required.

Benefits:

• Vimeo offers a diverse and inclusive work environment, championing diversity, equity, and inclusion in its culture.
• The company provides opportunities for professional growth and development within a passionate and dedicated workforce.
• Employees can enjoy the flexibility of remote work.
• Vimeo is committed to creating high-quality video experiences, allowing employees to contribute to innovative projects that impact millions of users globally.