Lead Software Developer - Security
Job Description:
The security team at Peloton has oversight into the security practices of the entire organization, instantiating security policies and best practices, as well as automation of these policies/practices where possible. The security team at Peloton is looking for a Lead Software Developer - Security to join our growing team to work across disparate teams. As a Lead Software Developer - Security, you would ensure the security of Peloton's products and services.
Responsibilities:
- Research, design and apply advanced security techniques.
- Perform security assessments and design reviews on web applications, mobile clients, internal services and APIs.
- Design and engineer cloud security services and infrastructure.
- Develop advanced security and cryptographic systems.
- Build large-scale detection systems.
- Maintaining and creating secure development best practices and programs for our engineering teams and external developers
- Identify risks in code, applications, software architecture, and internal development processes
- Provide guidance on relevant application security industry standards and practices such as OWASP, SANS, CWE, CWSS, CVE, CVSS, etc.
Requirements:
- You have 4+ years of experience working on a security team performing technical security assessments on modern web applications, APIs, and mobile applications within cloud hosted environments such as AWS, GCP.
- Experience with manual secure code review in languages such as Javascript, Python, Node.js, Ruby
- Experience integrating security into CI/CD pipelines
- Familiarity with common web application testing tools for DAST, SAST, and IAST analysis such as Burp Suite, Checkmarx, Veracode, AppSpider, Coverity, BlackNetSparker
- Knowledge of software security testing procedures across multiple platforms and Operating Systems.
- Understanding of Agile software development methods and familiarity with enterprise productivity tools such as JIRA, confluence
- Experience instituting organizational change with respect to security
- Effective spoken and written communicator to multiple audiences
- B.S. Computer Science in a related field, or equivalent experience
Nice to haves
- Familiarity with Peloton products and services is a plus
- Experience with CDNs such as Fastly, Cloudflare, Cloudfront, Akamai
- Experience with iOS or Android development
ABOUT PELOTON:
Founded in 2012, Peloton has transformed the at-home fitness experience by creating a bike that merges high-design with modern technology to provide access to live streaming and on demand indoor cycling classes led by elite instructors. With a state of the art studio, the best instructors and content distribution, Peloton delivers an intense high-energy workout that motivates, while positively changing the mind and body.