[Remote] Senior Application Security Engineer at Webflow

Argentina

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level

Full TimeJob Type

UnknownVisa

Software Development, SaaS, Web Development, E-commerce PlatformIndustries

Requirements

Candidates should have at least 3 years of application security experience with a strong background in web application security, secure coding, penetration testing, and insecure engineering practices. Proficiency with security tooling such as SCA, SAST, DAST, and API security is required, along with experience writing code for tool development, exploit scripting, or vulnerability remediation. Experience in evaluating applications for security design improvements, conducting threat modeling, and driving risk reduction through secure SDLC processes, tooling, and automation is necessary. Hands-on experience with bug bounty programs, including setup, exploit reproduction, and coordinating remediation, is expected. Familiarity with leveraging AI for security reviews and coding assistance is beneficial. Strong communication skills, a passion for security and continuous learning, and the ability to clearly share knowledge and mentor colleagues are essential. Business-level fluency in English is required.

Responsibilities

The Senior Application Security Engineer will collaborate with the engineering team to secure Webflow's web application platform and ecosystem. They will integrate security best practices into the software development lifecycle, champion security standards while balancing business strategies, and support current and future compliance frameworks. The role involves identifying security vulnerabilities through grey-box techniques, proposing architectural and code-level solutions, and contributing code and architecture improvements to enable security within Webflow's application. Additionally, the engineer will cross-train entry and mid-level application security engineers.

Skills

Application Security

Secure Coding

Security Tooling

Vulnerability Assessment

Grey-box Testing

Architecture Review

Code Review

Security Standards

Compliance Frameworks

Webflow

Visual web design and development platform

About Webflow

Webflow provides a platform for designing, building, and launching responsive websites without the need for coding. Users can create websites visually, making it accessible to those without technical skills. The platform caters to a wide range of clients, including freelancers, small businesses, and large enterprises, and is particularly favored by designers and marketers. Webflow operates on a subscription-based model, offering various pricing plans that accommodate different needs, from personal websites to advanced e-commerce solutions. Additionally, it provides hosting services and a marketplace for templates and design assets. Unlike traditional web development tools, Webflow's user-friendly interface and comprehensive features set it apart, aiming to simplify web design for everyone.

San Francisco, CaliforniaHeadquarters

2012Year Founded

$325.8MTotal Funding

SERIES_CCompany Stage

Consumer Software, Enterprise SoftwareIndustries

1,001-5,000Employees