At Cloudflare, we have our eyes set on an ambitious goal: to help build a better Internet. Today, Cloudflare runs one of the world’s largest distributed networks that powers more than 1.5 trillion page views each month across 5 million Internet properties. More than 10 percent of all global Internet requests flow through Cloudflare’s network. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code.
Our customers range from Fortune 500 companies and nonprofits to small businesses and budding entrepreneurs. Every day, about 12,000 new customers sign up. We’re working to create a faster, more secure, and more reliable experience for anyone online and given the scale at which we operate, our mission is big. Our team is hard at work shaping the future of the Internet by solving some of its toughest challenges. Come join us.
About the Role
We are looking for experienced Application Security Manager to help us in our mission to build a better internet. Part engineer, part hacker, you will work in our product security team building and breaking new products and services.
About the Department
Information Security is divided into 4 areas - Product Security, Infrastructure, Compliance and Threat Intel. The Product Security team works closely with developers and product designers, ensuring that security is baked into every new system or service Cloudflare launches. Where we find weaknesses, we try to break things before bad guys can. Our mission is to help the company launch new services as quickly and as securely as possible.
Cloudflare’s Engineering Team builds and runs the software that handles about 10% of HTTP requests on the Internet today. We also build and run the internal tools that builds and runs our software. The Engineering Team is split into two groups: one handles product development and the other handles operations. Product development covers both new features and functionality and scaling our existing software to meet the challenges of a massively growing customer base. The operations team handles one of the world’s largest networks with data centers in 110 cities worldwide.
- Use penetration testing skills and methodology to hack new applications and services
- Perform application security design reviews against new products and services
- Perform code and design reviews of internal products and services.
- Track and prioritize all security issues you find
- Build internal security tools that help fix security problems at scale
- Ability to write code and work to prioritize, fix, and understand vulnerabilities.
- Champion security in the engineering organization.
- Ability to investigate the impact of security problems.
- Strong knowledge of web application security issues.
- Be passionate about information security
- Ability to recognize application vulnerabilities and exploit them.
- Familiar with dynamic and static testing techniques
- Familiarity with fuzzing as a way to find bugs
- Familiarity with secure coding practices and the OWASP top 10.
- Working knowledge of cryptography.
- Excellent communication skills.
- Ability to be hands on and drive solutions to completion.