Airtable's mission is to enable anyone to create software. Users can only create fearlessly when they trust that their data is safe with us. Therefore, security is built into everything we do: product design, feature development, architecture, operations, and customer support. We're building a world-class cybersecurity team, seeking the brightest minds to innovate and create real solutions that solve the challenges facing the internet community. To accomplish this, our team will be performing research, serving as subject matter experts, and presenting our work at conferences.
We are looking for an Application Security Engineer to help drive and implement technical strategies, innovative tooling, research, and processes. You'll collaborate and partner with cross-functional teams to help define and execute innovative AppSec strategies and help build a best-in-class AppSec program.
Learn more about our Engineering team and values here.
What you'll do
- Drive security into design and development through performing application security reviews, architecture and design reviews, threat modeling, including code reviews and application security testing.
- Partner and collaborate with development teams to support application vulnerability remediation efforts.
- Develop automated security testing to validate secure coding best practices.
- Perform application security testing to identify vulnerabilities in the core platform and services.
- Support Airtable’s bug bounty program.
- Support and consult with product and development teams in the area of application security.
- Promote security awareness through developing and delivering security training.
- Improve security frameworks, tools, processes and methodologies.
Who you are
- Experience with OWASP best practices, SAST, DAST, and other common security tools.
- Strong understanding and experience with common web application security flaws, security controls, and common security libraries.
- Experience identifying security issues in applications through code review, threat modeling, pen testing, manually and with tools.
- Development experience and skills, preferably with Node.JS and TypeScript.
- Basic understanding of network and web related protocols (such as TCP/IP, UDP, HTTP, HTTPS, protocols).
- Strong interpersonal skills and experience working with developers to promote secure SDLC.
- Be a subject matter expert (SME) of at least 1 technical area impacting the security of the product.
What We Offer
- We have your medical, dental, and vision insurance 100% covered (and your dependents covered at 80%)
- High deductible health plan available with health savings account contribution
- Complimentary One Medical membership for individuals and dependents
- Monthly “Lifestyle Wallet” to use for benefits like personal fitness (e.g., gym memberships, fitness equipment, etc.) to pet care to nutrition coaching, and more.
- Complimentary mental health support via Modern Health
- Family planning support via Carrot (fertility, adoption, and surrogacy)
- Flexible and generous time off and sick time benefits
- 16 weeks of parental leave
- Annual Learning & Development wallet to support your career development
- Emergency backup care for dependents
- Access to financial planning and legal support
- Supplemental reimbursement for Gender Affirmation procedures and services
- Access to pre-tax Transportation & Commuter Benefits
Airtable is working on the next computer revolution: one where anyone – even without technical training – can create customized applications that fit their needs, build more interconnected teams, and take part in a growing community of people who share what they create. Founded in 2012 and headquartered in San Francisco, Airtable powers teams at more than 300,000 organizations around the world. Our most recent funding round valued Airtable at $11.7 billion and raised $735 million in additional capital, and we're just getting started!