About The Opportunity
Hey! We're Grubhub
We're all about connecting hungry diners with our network of over 300,000 restaurants nationwide. Innovative technology, user-friendly platforms and streamlined delivery capabilities set us apart and make us an industry leader in the world of online food ordering. When you join our team, you become part of a community that works together to innovate, solve problems, grow, work hard and have a ton of fun in the process!
Why Work For Us
We have a fast-paced environment and that is what our teams thrive on. Grubhub believes in empowering people and offering opportunities for development, as well as professional growth. We value strong, positive relationships in all areas: with each other, our customers and our greater community. Want to be a part of a team of diverse collaborators in an authentically fun culture? If so, we want to talk to you - and hear what's your favorite restaurant for food delivery!
We're looking for an Application Security Engineer with experience in building security into products. The team provides engineering and product teams with the security expertise necessary to make confident product decisions. This is done through the use of Threat Modeling, Static Code Analysis, Cloud Security tooling, and Bug Bounty programs. Dynamic Scanning and Security Training are programs we want to mature in the coming year.
The Impact You Will Make

• Investigate and understand our newest projects and technologies and give security guidance to ensure that they are as robust as possible.
• Perform code and design reviews of internally developed applications.
• Develop security tools to find or fix security issues en masse.
• Use both automated and manual testing tools to find and validate vulnerabilities in our web applications
• Create automated tests to encourage and enforce security standards.
• Develop security training and education for our software engineers.
• Ensure that identified issues are prioritized and addressed in an appropriate time frame.
• Provide clear communication on issues to developers that suggest and help to test the fix

What You Bring to the Table

• 3 years of professional experience with security engineering practices such as in web application security, network security, authentication and authorization protocols, cryptography, automation and other software security disciplines
• 3 years of experience scripting in Python or other equivalent interpreted languages
• Experience with public cloud environments (AWS, GCP, Azure)
• Experience in a highly scalable environment/Service Oriented Architecture (SOA)
• Being able to understand the true risks of findings ultimately allowing you to compromise when it's necessary and hold firm when it's essential.
• Experience in running, triaging, and making risk assessments based on vulnerability proof of concepts, as well as validating security fixes once deployed.
• Strong sense of "ownership" and an innovative engineering mindset.

And Of Course, Perks!

• Flexible PTO . Grubhub employees enjoy a generous amount of time to recharge.
• Health and Wellness. Excellent medical benefits, employee network groups and paid parental leave are just a few of our programs to support your overall well-being.
• Competitive Pay. You'll receive a competitive base salary with eligibility for generous incentives, bonuses, commission or RSUs (role-specific).
• Learning and Career Growth. Your personal and professional development is a priority at Grubhub. We empower you to be a leader and grow your career through training, coaching and mentorship opportunities.
• MealPerks. Get meals on us! Our employees get a weekly Grubhub credit to enjoy and support local restaurants.
• Fun. Every Grubhub office has an employee-led Culture Crew that connects people through fun, meaningful events and initiatives like Wellness Wednesdays, Slack competitions and virtual happy hours!
• Social Impact. At Grubhub we believe in giving back through programs like the Grubhub Community Relief Fund and donating $1 million to the Equal Justice Initiative in 2020. Employees are also given paid time off each year to support the causes that are important to them.

Vaccination Requirement: Grubhub employees are required to be fully vaccinated. Candidates must confirm vaccination status at time of hire, and must provide proof of full-Covid-19 vaccination within 2 weeks of starting employment. Fully vaccinated is defined as: "2 weeks have passed since your second dose in a 2-dose series, such as the Pfizer or Moderna vaccines, or 2 weeks after a single-dose vaccine, such as Johnson & Johnson's vaccine.
Grubhub is an equal opportunity employer. We welcome diversity and encourage a workplace that is just as diverse as the customers we serve. We evaluate qualified applicants without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics. If you're applying for a job in the U.S. and need a reasonable accommodation for any part of the employment process, please send an email to [email protected] and let us know the nature of your request and contact information. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this email address.
CA Privacy Notice: If you are a resident of the State of California and would like a copy of our CA privacy notice, please email [email protected]