Gradle is the build tool of choice for millions of developers around the globe and is the official build tool for Android applications. Developing Gradle is a dynamic and demanding engineering challenge, with the reward of significant industry impact and collaboration with some of the world's best software teams.
Our software is used by some of the world's leading software organizations, such as Netflix, Airbnb, Spotify, and Twitter. We regularly collaborate with these and other users to make our products continuously better.
Gradle Build Tool is an important component in the overall supply chain security of software. We work with major software vendors and industry-wide initiatives to make the software ecosystem more secure.
We are looking for an Application Security Engineer for Gradle Build Tool to help us create and deliver safe and secure software to our users, as part of a collaborative team.
Our ideal candidates have deep expertise in and are passionate about secure software development and DevSecOps principles. They are able to use technical expertise to help create secure software, and interpersonal skills to proactively develop and improve security related aspects of the software delivery process. They need to be able to collaborate with industry experts on broader security-related initiatives.
- Protecting Gradle Build Tool and its ecosystem including the Plugin Portal against supply chain attacks
- Representing Gradle in industry-wide security-related initiatives
- Collaborating with feature teams during design and development to deliver secure implementations
- Managing discovered and reported application vulnerabilities, from analysis through to disclosure
- Fixing some of the detected security vulnerabilities and doing code reviews for others
- Proactively increasing knowledge of secure coding practices amongst the wider development team and organization
- Extensive knowledge of software vulnerabilities and their remedies
- Experience programming in Java
- Experience developing and executing an application security program
- Ability to develop, maintain and operate software security tooling and automation
- Working proficiency and communication skills in written and verbal English
- Experience with using build systems
- Interest in developer tooling
- Experience contributing to open-source projects
What we offer
- Work on a fast-growing product with millions of users and a clear vision for the future
- Cooperation with passionate and experienced engineers and the opportunity to learn from them regardless of your experience level
- Ability to work from any place on the planet in a remote-first environment with flexible working hours
- Opportunities for growth in technical and leadership responsibilities
- Attractive compensation package including company equity
- Anywhere in the world with working conditions that allow for seamless collaboration with your colleagues through email, chat, and video streaming
While our team works remotely and is spread across the globe, we deeply value daily interactions and collaboration. We require working hours to overlap with team member timezones (EMEA or US East)
How to apply
The following is required with your application:
- Submit your cover letter, answers to our application questions and resume via the form below
The next steps will follow our recruitment process.
We are a diverse and inclusive workplace with a global multicultural team that learns from and respects each other. We are committed to advancing diversity and inclusion forward by investing resources in company-wide inclusion trainings, improving recruitment processes and contributing to groups that are committed to advancing racial/social justice and equality.
Gradle is an equal opportunity employer. We welcome people of different backgrounds, experiences, abilities, and perspectives and consider all qualified applicants without regard to race, color, national origin, citizenship status, gender, gender identity or expression, sexual orientation, religion, disability, age or any other applicable characteristics protected by law.
For information about our collection, use, and disclosure of applicants’ personal information as well as applicants’ rights over their personal information, please see our Job Applicant Privacy Notice.