Security Engineer, Application Security (Remote)
Updater (View all Jobs)
1. Begin-at-home assignment highly relevant to role 2. Present and discuss take-home during on-site.
Programming Languages Mentioned
Moving is one of the most universally relatable problems. Most of us have moved at least once and everyone thinks moving is painful. Updater is solving that pain at scale. We’re a well-funded and growth-focused company, with technology that touches nearly 50% of all household moves in the US annually, and we’re growing quickly. We’ve redefined an age-old industry and thousands of moving companies depend on our category-leading platform.
Your role is an Archimedes lever in our pursuit to deliver a product that is fast, scalable, stable, safe, and compliant. As an expert in security who comes from a developer background, you will be in the perfect position to support the software engineering teams (PODs) you are matrixed into.
Software engineers have their responsibilities in our “shared security responsibilities” but your role is a unique bridge where you can help guide the security strategy based on what you are seeing to PODs you support need to be successful. Is time being spent on updating base images? Help design a process so all future deployments are patched by default. Are PODs dealing with the same class of vulnerability over and over? Help design and implement secure libraries and frameworks to address the root cause. The role requires empathy, creativity, and an eye for systems thinking. Security is at the heart of what we are building at MoveHQ and we want every engineer to be set up for success, come explore the role and see if this is the right move for your career.
About the Role
- Being a “go-to” resource for the security champion for each POD
- Participating in application architecture meetings
- Perform security-focussed code reviews
- Assist teams in reproducing, triaging, and addressing application security vulnerabilities
- Assist in the development of security processes and automated tooling that prevent classes of security issues (ie. Secrets in Code, Cross-Site Scripting, etc)
- Support our bug bounty program
- Coordinating penetration tests from our security partners
- Testing the efficacy of our security controls
- 5yrs of secure developer experience
- Strong experience working closely with developers
- Familiarity and ability to explain common security flaws and ways to address them (e.g OWASP)
- Strong understanding and experience with common security libraries, security controls, and common security flaws
- Familiarity with some common security libraries and tools (e.g. static analysis tools, proxying / penetration testing tools)
- Bonus - You are an avid reader of https://betterappsec.com/ and/or https://tldrsec.com
Updater makes moving easier for the 12 million households that relocate every year in the US. With Updater, users seamlessly forward mail, transfer utilities, connect TV and internet, and much more. Thousands of the most prominent real estate companies in the US (from real estate brokerages to multifamily and relocation companies) rely on Updater’s real estate products to save clients hours with a branded and personalized Updater moving experience.
Headquartered in New York City, Updater has raised over $450 million from leading investors, including SoftBank Capital, Vista Credit Partners, IA Ventures, Commerce Ventures, Second Century Ventures (the strategic investment arm of the National Association of Realtors®), and more. Updater has ranked on Crain's Best Places to Work in NYC in 2016, 2018, & 2021. For more information, please visit www.updater.com.
Updater is proud to be an equal opportunity employer and will consider all qualified applicants regardless of color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital or family status, disability, gender identity or expression, veteran status, actual or presumed belonging to an ethnic group, or any other legally protected status. If you have a disability or special need that requires accommodation, please let us know.
Please mention No Whiteboard if you apply!
I'm a one-man team looking to improve tech interviews, and could use any support! 😄