Senior Application Security Engineer

3 days ago

Apply Now

Receive Emails with Similar Jobs

Upstart

WebsiteLinkedInAll Job Openings

Personal Loans • FinTech • Marketplace Lending • Artificial intelligence • Finance

1001 - 5000

Description

• About Upstart • Upstart is a leading AI lending marketplace partnering with banks and credit unions to expand access to affordable credit. • Upstart is a digital-first company. • We’re looking for a Senior Application Security Engineer to join our growing Information Security team. • Your primary function will be to work with Upstart’s engineering and product management teams to ensure that our product platform is secure, safe and reliable. • You’ll have the latitude to touch every aspect of our security strategies, with the opportunity to specialize as the team grows. • How you’ll make an impact: • Work closely with our engineering and data science teams to securely design and implement new products and features • Set up a regular vulnerability scanning tools and manage remediation of identified issues • Assess the threat model for cloud native infrastructures and applications • Operate as an integral member of the engineering team and advocate for security best practices across the organization • Help identify Upstart’s internal and external attack surface in a dynamic environment.

Requirements

• Minimum requirements: • 3+ years of experience in a security engineering or security operations role • An IT/CS degree or equivalent knowledge • Experience in Java, Python or Ruby development • Knowledge of industry standard authentication and authorization protocols (TLS, SAML, etc) • Previous usage or knowledge of SAST/DAST and vulnerability scanners • Understanding of Full Stack Development, SDLC, and CI/CD pipelines • Understanding of network stack and common protocols • Ability to collaborate cross-functionally and communicate effectively with highly technical teams • Preferred qualifications: • 7+ years of experience in a high-security environment • MS degree or equivalent knowledge • Certification in IT or cybersecurity (e.g. CISSP, CISM, GSLC, OSCE) • Experience conducting infrastructure security audits, penetration tests, and periodic access reviews to applications and infrastructure • AWS, K8s and CI/CD pipeline experience • Contributions to the security industry (e.g. Whitepaper, OSS projects, Patents)

Benefits

• Competitive Compensation (base + bonus & equity) • Comprehensive medical, dental, and vision coverage with Health Savings Account contributions from Upstart • 401(k) with 100% company match up to $4,500 and immediate vesting and after-tax savings • Employee Stock Purchase Plan (ESPP) • Life and disability insurance • Generous holiday, vacation, sick and safety leave • Supportive parental, family care, and military leave programs • Annual wellness, technology & ergonomic reimbursement programs • Social activities including team events and onsites, all-company updates, employee resource groups (ERGs), and other interest groups such as book clubs, fitness, investing, and volunteering • Catered lunches + snacks & drinks when working in offices