Senior Application Security Engineer (Remote US)
Expedia
Full Time
Senior (5 to 8 years), Expert & Leadership (9+ years)
Candidates should possess a BA/BS in Computer Science, Cybersecurity, or a related field, or equivalent industry experience, along with over 5 years of experience in application security and vulnerability management. A deep understanding of software security vulnerabilities (CVEs, OWASP Top 10, supply chain risks), security design principles (authentication, authorization, RBAC, database security), and experience with SAST, DAST, dependency scanning, and vulnerability management tools are required. Familiarity with package managers and securing open-source dependencies, coding experience in languages like Go, Python, Java, or C++, hands-on cloud-native security experience (AWS, GCP, Azure), and knowledge of container, Kubernetes, and microservices security are essential. The ideal candidate will demonstrate a proactive approach to security and strong problem-solving skills.
The Application Security Engineer will implement and improve the vulnerability management lifecycle, ensuring the entire tech stack is free from known vulnerabilities. Responsibilities include continuously scanning, monitoring, and patching OSS dependencies, integrating SAST, DAST, and dependency scanning tools into the CI/CD pipeline, and defining best practices for secure coding. The role involves ensuring secure SDLC posture through design reviews, secure code reviews, and penetration testing, developing automated security validation tests, and leading the adoption of security solutions. Additionally, the engineer will provide security guidance, training, and mentorship to foster a security-first culture.
AI-powered search tool for workplace productivity
Glean enhances workplace productivity by providing an AI-powered search tool that works across all applications within a company. This tool utilizes deep learning-based Language Models to understand natural language queries, allowing users to find information more easily. It continuously learns from the specific language and context of a company, improving the relevance of search results without manual adjustments. Additionally, Glean offers a chat assistant that can analyze and summarize information from various company documents and conversations, further increasing efficiency. Unlike many competitors, Glean's focus on natural language processing and its ability to adapt to a company's unique context set it apart. The goal of Glean is to streamline information retrieval in the workplace, making it accessible and efficient for all types of organizations, from startups to large enterprises.