Application Security Engineer

  • San Francisco, CA, USA
  • Full-time
  • Department: Product & Engineering

Company Description

Tradeshift is disrupting a stale e-invoicing, procure to pay, and financial solutions market. We are connecting companies of all sizes and providing them with the platform and network needed to create value from old processes like procurement, invoicing,  payments, and workflow. Tradeshift is redefining an enterprise space that has seen little change in many years. We recognize that business is messy and business is social. Understanding these two facts drives the development of Tradeshift - a platform for all your business interactions. 

About The Role: 

We believe in an integrated approach to application security and that prevention is better than a cure.  We also believe that communication skills and the ability to help others can amplify the impact of an engineer 10x.  We take security very seriously and work very hard to include it throughout our software lifecycle from the design process all the way through how we operate the platform.

Job Description

 

  • Perform security related design and implementation reviews for the platform
  • Automate to improve the abilities of other engineers to develop and maintain secure code
  • Find and remediate security flaws across the software stack
  • Coordinate with researchers on our bug bounty program to close exposed vulnerabilities
  • Consult across teams on secure architecture design and implementations
  • Propose, evaluate and build innovative new security features to benefit our users
  • Assist with security incident response as needed
  • Be a security evangelist across all of Tradeshift
  • Train other developers to help them build more secure products
  • Work with external pen testers to continually improve security on the platform

 

Qualifications

 

  • Great communication skills to help build a strong security culture
  • Expertise in conducting design reviews and remediating security issues in existing code
  • Ability to help resolve flaws and errors in an empathetic manner
  • Solid foundation in web application security including Node.Js applications
  • Experience with penetration testing against applications
  • Deep proficiency in Java development, Groovy and Grails a plus
  • Experience working with sensitive data like credit cards and other PII
  • Proficiency in implementing sandboxing solutions
  • BS in Computer Science or a related technical field / equivalent experience
  • 4+ years of industry experience engineering web facing systems

 

Additional Information

Culture:

Our culture was formed from day one when three Danes poured their heart and soul into creating a platform that could connect every business in the world. We expect each employee to approach their job at Tradeshift with the same amount of pride and passion and embody the Tradeshift culture that makes us the best company in history.

Shifters come from various backgrounds and nations, and we all thrive off challenging the status quo. We take pride in nurturing employee happiness, encouraging personal development, and welcoming teammates from all walks of life.

We value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

The Perks:

  • Career and professional development opportunities

  • Flexible hours and vacation policy

  • Supplemented cell phone plan

  • Lunch provided daily from local SF eateries and snacks

  • Fully paid 6 months parental leave
  • A competitive compensation package + equity

  • 100% covered medical, dental and vision benefits

  • Life, short and long-term disability insurance

  • 401k

  • Wellness and volunteer Programs

  • Fun company events like happy hours, outings and much more!

All your information will be kept confidential according to EEO guidelines.

Privacy Policy