Senior Application Security Engineer
LoopSalary not specified
- Full Time
- Senior (5 to 8 years)
Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
CybersecurityIndustries
Requirements
Candidates should possess extensive experience in software security, demonstrating the ability to identify and mitigate application and system-level vulnerabilities in code. Strong knowledge of application security principles, secure coding practices, and vulnerability assessment methodologies is required. Experience with low-level code analysis, system architecture, and security boundaries is also necessary.
Responsibilities
The Senior Security Engineer, Application Security will conduct comprehensive low-level code security assessments across applications, examining vulnerabilities in system services, access control implementation, inter-process communication, and platform security controls while developing mitigation strategies. They will design and implement custom security tools for automated vulnerability detection, focusing on both application-specific and general security testing needs to bridge the gap between vulnerability research and application security. The role involves performing detailed architecture reviews and threat modeling of complex software systems and cloud environments, identifying potential security weaknesses and providing remediation guidance. Furthermore, the engineer will work directly with industry-leading teams to review their application infrastructure and architecture, helping secure their environments through deep technical analysis and recommendations, and contribute to the advancement of application security by developing new methodologies and tools.
Skills
Security Assessments
Low-level Code Analysis
System Architecture
Security Boundaries
Access Controls
Platform Security
Vulnerability Analysis
Cloud Security
Security Misconfiguration Detection
Privilege Escalation
Security Boundaries Review
Trail of Bits
Cybersecurity consulting and security research services
About Trail of Bits
Trail of Bits provides cybersecurity services focused on high-end security research and consulting for organizations facing complex security challenges. They specialize in areas such as reverse engineering, cryptography, virtualization, malware, and software exploits. Their services include security audits, secure deployment consulting, and developing solutions to address security vulnerabilities. The company caters to a diverse clientele, including major tech companies and government agencies, and generates revenue through consulting fees and training courses aimed at enhancing the skills of security teams. Trail of Bits distinguishes itself from competitors with its tailored consulting services and a strong emphasis on workplace culture, recognized as one of the best places to work. The goal of Trail of Bits is to help organizations effectively protect their systems and data from security threats.
Key Metrics
New York City, New YorkHeadquarters
2012Year Founded
$5.2MTotal Funding
SEEDCompany Stage
Consulting, CybersecurityIndustries
51-200Employees