This job post is closed and the position is probably filled. Please do not apply.
Automatically closed by a robot after the apply link was detected as broken.
Description:
Webflow is seeking a Staff Application Security Engineer to enhance secure development practices, including secure coding, tooling, and procedures.
This is a full-time, permanent, exempt position that is remote-first, available to candidates in the United States and parts of Canada.
The cash compensation is based on geographic market zones, with specific salary ranges for the United States and Canada.
The role includes participation in a company-wide bonus program based on performance.
The Staff Application Security Engineer will report to the Manager of Application Security.
Responsibilities include collaborating with the engineering team to secure the web application platform, implementing security best practices in the software development lifecycle, supporting compliance frameworks, identifying security vulnerabilities, contributing to code and architecture improvements, and mentoring junior engineers.
Requirements:
Candidates must have 7+ years of experience in application security, including at least 2 years focused on software development related to security.
A passion for security and a willingness to share knowledge by explaining complex concepts to colleagues is essential.
Expertise in secure software design, secure coding, and web application security is required, along with a commitment to risk reduction.
Experience with threat modeling, penetration testing, and identifying complex application vulnerabilities is necessary.
Candidates should have a background in software supply chain security and experience leading bug bounty programs and security tooling initiatives.
Proven ability to implement and improve secure development lifecycle (SDLC) processes is required.
Experience in leading complex security projects and application security roadmaps in collaboration with engineering teams is essential.
Candidates should have experience mentoring other application security engineers and promoting security best practices across organizations.
Benefits:
Employees will receive equity ownership (RSUs) in a growing, privately-owned company.
The company offers 100% employer-paid healthcare, vision, and dental insurance for full-time employees and their dependents.
There is a provision for 12 weeks of paid parental leave for all caregivers, along with additional pregnancy disability leave for birthing parents.
Flexible PTO and a sabbatical program are available for all locations.
Employees have access to mental wellness resources, professional coaching, therapy, and an Employee Assistance Program.
Monthly stipends are provided to support work and wellness.
A 401k plan or pension schemes are available, along with other financial wellness benefits.