Auth0 provides an enterprise-grade platform that secures billions of log-ins every year. The company makes it easy to implement even the most complex identity solutions for their web, mobile, IoT and internal applications, as well as sophisticated identity management for employees, customers and partners. Auth0 has raised over $54 million from Meritech Capital, NTT DoCoMo, Trinity Ventures, Bessemer Venture Partners, K9 Ventures, Silicon Valley Bank, Founders Co-Op, Portland Seed Fund and NXTP Labs.
Thousands of enterprises and millions of users worldwide depend on Auth0 for authentication and authorization of their most mission-critical apps, APIs and IoT devices. Auth0’s top priorities are availability and security.
Auth0 allows anyone to authenticate and authorize users, applications, and APIs with any identity provider running on any stack and any device. Security is at the core of our product and the security of our customers and their data is paramount. We are looking for a Senior Application Security Engineer to join us in keeping Auth0 and our customers data safe
Our engineering team builds web apps, mobile apps, and APIs, and we have customers in just about every industry. This creates many interesting use cases that we need to support while maintaining security.
The individual filling this role will work closely with our product teams, and should feel comfortable shipping bug fixes into production. We love to build tools and automate security whenever it makes sense, enabling others and reducing repetitive tasks.
This is an exciting time to join Auth0 as we are growing quickly and this role is an opportunity to drive the expansion of our App Sec team.
Responsibilities:
- Provide team leadership and own the delivery of application security projects
- Be a subject matter expert for application security - supporting our product teams
- Own our Secure Software Development Lifecycle - both the process and tools
- Conduct security reviews and provide internal consulting
- Build, deploy and maintain security controls and instrumentation around and in our code
- Threat modeling of new and existing features
- Educate and influence our product teams
Requirements:
- Significant experience working as an Application Security Engineer or developer
- Development experience with at least one programming language
- Deep understanding of modern web technologies, mobile and web security
- Deep understanding of common vulnerabilities in web and mobile applications and how to prevent them
- Proven ability to influence development teams to deliver secure code
- Experience with threat modeling methodologies
- Strong written and verbal communication skills
- Comfort working in a globally distributed environment with a remote workforce
Extra points:
- Bachelor’s degree in computer science or equivalent educational or professional experience and/or qualifications
- Development experience with Node.js / Javascript
- Experience with authentication protocols (e.g. SAML, OAuth etc)
- Experience running a bug bounty programmer
Examples of our Engineering Culture:
https://auth0.engineering/cloud-security-monitoring-at-auth0-part-ii-b106354a0e5d
https://auth0.engineering/detecting-secrets-in-source-code-bd63b0fe4921
Auth0 values diversity and inclusion and is an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
by via developer jobs - Stack Overflow
No comments:
Post a Comment