Senior Application Security Engineer

Description

The Engineering team at Fleetio is looking for a Senior Application Security Engineering who is passionate about protecting data and has a deep understanding of different attack vectors.

At Fleetio, we foster a culture of 'Product Engineers', where we value and prioritize engineers who enjoy being part of the product discovery process. Our Engineering and Product teams are structured as autonomous PODs that execute within one focal area toward a defined product vision. We strive to deliver easy-to-use software, and our goal as engineers is to quickly and continuously deliver meaningful value to our customers. We've optimized our CI/CD tools and processes to easily get code into our production environments, resulting in an average of 40 deploys per week.

Fleetio is a modern software platform that helps thousands of organizations around the world manage their fleet operations. Transportation technology is a hot market and we’re leading the charge, with raving fans and new customers signing up every day. We raised $144M in Series C in June of 2023 and are on an exciting trajectory as a company.

More about our team and company:

• Watch our culture videos: [https://fleet.io/culture>
• Fleetio overview video: [https://www.youtube.com/watch?v=IlvIbwZT3oU>
• Our careers page: [https://www.fleetio.com/careers>

This is a remote opportunity and is open to candidates in the United States, Canada, or Mexico.

Who you are

As a Senior Application Security Engineeer, you will work to continuously enhance Fleetio’s application security. You will engage in both proactive and reactive measures to ensure our applications and services are secure. You'll be tasked with performing periodic security assessments, such as penetration tests, and own resolving vulnerabilities individually or alongside our Product Engineers. Alongside this, you'll drive adoption of secure development practices via code reviews, trainings, lunch and learns, and so on.

Your impact

• You will provide security-focused feedback at different stages of the Software Development Life Cycle
• You will Review security alerts from dependencies, frameworks and manage such upgrades
• You will assist in creating a framework to centralize, review and act on security-related updates from third parties and partners
• You will monitor static analysis test results and ensure appropriate fixes are developed
• You will respond to security incidents and help write post-mortem reports
• You will provide answers and expertise on security-related queries from internal team members and customers

Your experience

• 3+ years of experience as a security engineer
• Deep understanding of emerging vulnerabilities and industry-standard lists such as OWASP TOP 10, SANS
• Broad knowledge of testing products/services across different platforms (web, mobile, API)
• Familiarity with static and dynamic application security testing tools (SAST & DAST)
• You are naturally curious about and stay on top of trending security concepts, breaches, and attack vectors
• You have a service mindset with a strong passion for helping and teaching team members with varying degrees of expertise in security
• You have experience or understanding of authentication and authorization methods, open standards, and protocols (such as SAML, OAuth)
• You have excellent verbal and written communication skills since you will be engaging in providing constructive feedback, generating awareness, and writing summaries
• Be sure to mention “coffee” in your application so we know you actually read this

Benefits

• Multiple health/dental coverage options
• Vision insurance
• Incentive stock options
• 401(k) match of 4%
• PTO - 4 weeks
• 12 company holidays + 2 floating holidays
• Parental leave- birthing parent (12 weeks paid) non-birthing (4 weeks paid)
• FSA & HSA options
• Short and long term disability (short term 100% paid)
• Community service funds
• Professional development funds
• Wellbeing fund - $150 quarterly
• Business expense stipend- $125 quarterly
• Mac laptop + new hire equipment stipend
• Monthly catered lunches
• Fully stocked kitchen with tons of drinks & snacks
• Remote working friendly since 2012 #LI-REMOTE

Fleetio provides equal employment opportunities to all employees and applicants and prohibits discrimination and harassment. We celebrate diversity and are committed to creating an inclusive environment for all. All employment is decided on the basis of qualifications, merit and business need.

This application is not intended to and does not create a contract or offer of employment. Employment with Fleetio is at will.

If you have a disability or a special need that requires an accommodation to fill out the online application, please let us know by emailing recruiting@fleetio.com.