Podium is a suite of messaging tools for local business. Using our platform, businesses of all sizes can connect with customers via text to do things like request payments, collect reviews, and sell products, in a modern, convenient way. Our work streamlining this process for local businesses has awarded us recognition on top industry lists, such as Forbes’ Next Billion Dollar Startups, Forbes’ Cloud 100, the Inc. 5000 (#13), and Fast Company’s World’s Most Innovative Companies. For more about our product, watch this video. Podium has a positive, diverse, and supportive culture and was recently named one of Inc. Magazine’s Best Workplaces for 2021 (4 years in a row). We look for people who are curious, creative and work to be a little better every day. In our work together we embody our values: Be a founder, Murder drama, and Enjoy the ride.
We are looking for an Application Security Engineer to help protect and architect the solutions that will keep our products and internal systems secure. Our ideal candidate has a passion for security and is a self-driven individual with a founder mentality. We’re looking for someone who loves to tear applications apart, identify vulnerabilities, and knows how to architect a thoroughly hardened solution resilient to attackers. This position will join the Application Security team at Podium; working closely with our engineering team to help secure one of the fastest growing consumer payments platforms in the industry.
What you will be doing:
- Serve as Security voice to product teams; identifying security gaps before they arise and helping remediate any issues identified in the platform
- Providing understandable and transparent rationale for security decisions to all stakeholders
- Working with the rest of the AppSec team to maximize product security coverage
- Help to further the Security education amongst the engineers of Podium
- Building new application security measures to impact the platform as a whole
- Participate in on-call rotation for security alerts and Bug Bounty Program
- Attend an annual security conference (i.e., DEF CON, Blackhat, SAINTCON)
What you should have:
- Minimum of 3+ years of experience securing Web Applications and APIs
- 1+ years of Software / Web Development experience
- Experience using security tools such as: Burp Suite, IDA (or another RE tool), Wireshark, Kali Linux suite
- An understanding of microservices oriented architecture and the security pitfalls associated
What we hope you have:
- 6+ years of experience securing Web Applications and APIs (Senior level preferred, but not required)
- Experience in any of these core technologies: Elixir, GraphQL, React, and/or Python
- Experience in Fintech
- Been an active member in the security community (e.g. OSS Contributions, OWASP, conference talks, CTFs, etc.)
- Penetration testing experience
- Transparent culture - one of our 3 values is “murder drama,” and we believe it.
- Unlimited Vacation (yes, we want you to have a work-life balance).
- Remote-first work for Engineering & Product.
- Yearly home office upgrade stipend.
- 1+ gatherings a year bringing all of R&D together.
- 401k with a competitive matching contribution plan.
- Great medical, dental, vision benefits.
- Life insurance, long and short-term disability coverage.
- Paid maternity and paternity leave.
- Swag. Lots of swag.
Podium is an equal opportunity employer. Podium provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, national origin, sexual orientation, gender identity or expression, age, disability, genetic information, marital status or veteran status.