Senior Application Security Engineer
SeatGeek believes live events are powerful experiences that unite humans. With our technological savvy and fan-first attitude we're simplifying and modernizing the ticketing industry.
By catering to both consumers and enterprises, we're powering a new, open entertainment ecosystem where fans have effortless access to experiences, and teams, venues, and shows have seamless access to their audiences. Because everyone should expect more from ticketing.
You'll be part of a team developing a modern AppSec program with a highly automated approach to security coupled with a collaborative approach to working with Engineering partners. You'll be operating in a fast paced, agile environment, with a goal of making security a key part of the product. It is a great opportunity to apply your years of AppSec experience in making SeatGeek products secure by default. As a foundational member of this team, you will have a huge impact on the product roadmap and in building a trusting relationship with the engineering community.
What you'll do
- Provide security guidance to engineering teams on new products and technologies
- Take a leadership role in driving application security and privacy initiatives
- Perform threat modeling and architecture review on upcoming features and products
- Perform regular security assessments through penetration testing and code reviews of SeatGeek products
- Encourage and train developers in secure coding practices
- Own the implementation, vendor management, and continuous improvement of our application security tools
- Continuously improve Application Security Program and actively take part influencing its roadmap
Who you are
- You've worked in an AppSec role and have a solid understanding of security fundamentals
- You're proficient in one or more coding languages (Python, C#, Go) i.e you can code and perform security code reviews.
- You're experienced in working with highly technical engineering teams
- You have performed threat modeling and architectural review for years
- You like bug hunting and penetration testing (bonus points if you share your BugCrowd/HackerOne profiles)
- Experience in AWS is a plus
- Experienced contributing to the security community (public research, blogging, presentations, etc.)
Perks
- Equity stake
- Flexible work environment, allowing you to work as many days a week in the office as you'd like or 100% remotely
- A WFH stipend to support your home office setup
- Flexible PTO
- Up to 16 weeks of paid family leave
- 401(k) matching program
- Health, vision, dental, and life insurance
- Annual subscriptions to Headspace, Ginger.io, and One Medical
- $120 a month to spend on tickets to live events
- Annual subscription to Spotify, Apple Music, or Amazon music
SeatGeek is committed to providing equal employment opportunities to all employees and applicants for employment regardless of race, color, religion, creed, age, national origin or ancestry, ethnicity, sex, sexual orientation, gender identity or expression, disability, military or veteran status, or any other category protected by federal, state, or local law. As an equal opportunities employer, we recognize that diversity is a positive attribute and we welcome the differences and benefits that a diverse culture brings. Come join us!