Apollo.io is the leading go-to-market solution for revenue teams, trusted by over 500,000 companies and millions of users globally, from rapidly growing startups to some of the world's largest enterprises. Apollo.io provides sales and marketing teams with easy access to verified contact data for over 270 million B2B contacts, along with tools to engage and convert these contacts in one unified platform. By helping revenue professionals find the most accurate contact information and automating the outreach process, Apollo.io turns prospects into customers. Apollo raised a series D in 2023 and is backed by top-tier investors, including Sequoia Capital, Bain Capital Ventures, and more, and counts the former President and COO of Hubspot, JD Sherman, among its board members. Apollo.io is growing rapidly, with 900% revenue growth since 2021, and is looking for world-class talent to keep building with us.
Your Role & Mission
The Senior Application Security Engineer will work with product and engineering to create a secure SDLC, design security features and implement tools, education and processes to reduce risk of security issues in the tech stack.
Responsibilities
- Select or build tooling to help developers build secure code
- Provide overall security architectural advice to Engineering and IT
- Manage issues sourced from penetration tests and bug bounty programs
- Participate in the security champions program
- Help Product, Engineering and IT incorporate security requirements into new products from inception
- Assist in the creation and maintenance of Security Risk Models for new projects and existing systems
Skills & Competencies
- 5+ Years of Web Application Security experience
- Strong experience with vulnerability management, or penetration testing is required.
- Extensive experience in conducting Architectural Reviews and Threat Models frequently is required.
- Strong knowledge of common AppSec issues and tooling (e.g. SCA, SAST, DAST)
- Strong software development skills, can do coding and read code.
- Strong Communication and Influencing skills
- Should have worked in SaaS environment.
- Should have extensive knowledge of Open Redirect, OAuth, and CSRF.
- Strong Linux knowledge is a plus.
- Experience with cloud services, ideally GCP is a plus.
- Certifications: OSCP/OSWE/CEH: At least 1 Certification is a plus
#LI-JM1
What You’ll Love About Apollo
Besides the great compensation package and culture that thrives in openness and excellence, we invest tremendous effort into developing our remote employees’ careers. The team embraces that we have a sole purpose: to help customers maximize their full revenue potential on the Apollo platform. This mindset opens us up to a lot of creative approaches to making customers successful at scale. You’ll be a significant part of a lean, remote team, empowered to really own your role as a proactive educator. We’re very collaborative at Apollo, so you’ll be able to lean on your teammates, even in adjacent departments, to help you achieve lofty goals. You’ll be supported and encouraged to experiment and take educated risks that lead to big wins. And, you’ll have a whole team remotely by your side to help you do it!
