FullStory’s mission is to improve the web for all users. We’re doing that by building an ambitiously high-scale platform that records, analyzes, and humanizes more customer experience data than any other technology on the web.
We are hiring for an Application Security Engineer to work closely with developers to ensure that we secure our product. FullStory’s Security Engineers exercise technology and resourcefulness to apply “bionic” controls to combat the ever-changing threat landscape.
Day to day, you’ll:
- Develop vulnerability triaging and prioritization processes, working closely with development and product teams.
- Conduct internal application security reviews as needed, while also working on deploying other proactive measures to address software vulnerabilities (e.g., code scanning prior to commits, etc).
- Coordinate and build secure coding training for all developers, utilizing both internal and external means of training.
- Work with external vendors periodically for regular pentest and web application security assessments.
This job might be for you if:
- You're well aware of reliable sources of intel on cyber threats facing small, cloud-native SaaS firms.
- You enjoy collaborating with developers and evangelizing secure coding best practices.
- You have worked with public bug bounty programs before.
- Nice to have: You have experience with public cloud infrastructures, especially around their security services.
- Nice to have: You have some experience with GCP and Kubernetes.