Job Expired - Click here to search for similar jobs
Job Description
What's the role?
Etsy is seeking a Senior Security Engineer to join our Application Security team. As part of the larger Security and Privacy Engineering org, we help product teams build secure software and develop and maintain security critical parts of our web application. We do this by partnering at the design stage for larger features, reviewing code, developing threat models, performing pentests, and leading security initiatives.
This role is focused on the security assessments part of the program. In it, you'll be tasked with discovering impactful vulnerabilities that can't be found with off-the-shelf tools or scanners. It will require you to develop in depth threat models and dive deep into our tech stack and code bases. You'll work with engineering teams to develop mitigation strategies for the vulnerabilities you discover, and we will also rely on your expertise to provide security feedback to new project and service proposals.
This is a full-time position reporting to the Engineering Manager - Application Security and the base salary range will be (phone number removed) - (phone number removed) USD per year. In addition to salary, you will also be eligible for an equity package, an annual performance bonus, and that support you and your family as part of your total rewards package at Etsy.
For this role, we are considering candidates based in the United States. Candidates living within commutable distance of Etsy's Brooklyn Office Hub or in the San Francisco Bay Area may be the first to be considered. For candidates within commutable distance, Etsy requires in-office attendance once or twice per week depending on your proximity to the office. Etsy offers different work modes to meet the variety of needs and preferences of our team. Learn more details about our work modes and workplace safety policies .
What's this team like at Etsy?
At Etsy, we believe that code is craft, and that the work we do is part of a larger creative culture represented by the artists and designers who make Etsy such a unique marketplace. We believe that small, empowered, self-motivated teams can do big things. We measure and test our work, take advantage of our pioneering continuous deployment system, and cultivate a blameless culture based on trust and a commitment to learning. Learn more about our engineering philosophies, tools, and some of the challenges we've been solving on our Engineering blog:
What does the day-to-day look like?
Mentor other application security engineers
Lead threat modeling exercises
Select penetst targets and lead pentest
Guide teams through remediation discussions
Research new attack vectors and technologies
Develop proof of concept exploits for novel findings
Perform security focused code reviews
Support development teams during the design phase of development
Identify opportunities where we can address classes of vulnerabilities or areas of risk
Of course, this is just a sample of the kinds of work this role will require. You should assume that your role will encompass other tasks, too, and that your job duties and responsibilities may change from time to time at Etsy's discretion, or otherwise applicable with local law.
Date Posted: 21 March 2024
Job Expired - Click here to search for similar jobs