Senior Application Security Engineer

Greater NYC Area

About the role…

Policygenius continues to disrupt the insurance industry by delivering innovative technology-driven experiences. Our talented yet humble team is dogma-free and data oriented. We are relentless in our mission to reliably deliver outstanding products and services at scale. We are growing fast, but we can go further faster with experienced, collaborative, challenge-seeking people like yourself.

As the Senior Application Security Engineer, you’d be our first AppSec Engineer, joining the growing InfoSec team and helping to build a robust security culture for our Engineering team. You’d work very closely with our Site Reliability and Application Engineers to ensure Policygenius is doing all we can to protect the company’s and our customers’ data.

You will have the mindset of a technology partner and enabler who is seen as a trusted adviser and partner. You will be able to educate, provide guidance, and help drive an appreciation for application security. Like to find the security holes in things? This role’s for you.

We are open to this role operating out of either the New York or Durham offices once we've returned to office.

In this role, you will…

  • Formalize and manage a bug bounty intake and remediation process 
  • Lead the remediation of application vulnerability scanning and penetration testing
  • Manage integration with Static and Dynamic Code Analysis tools
  • Identify security exposures and develop mitigation plans
  • Collaborate with cross-functional teams (Engineering, DevOps, Product) while carrying out day-to-day tasks
  • Integrate security into the CI/CD pipeline
  • Provide guidance on secure software development at all stages of the SDLC, including architecture and design reviews
  • Assist the other members of the security team during testing and purple team exercises
  • Perform red team exercises utilizing automated and manual techniques 

We’d love to hear from you if you…

  • Have 3+ years of AppSec experience: pen testing web applications, utilizing instrumentation, fuzzing, and other exploitation techniques
  • Have strong communication skills and the ability to comfortably and effectively articulate security and risk-related concepts to technical and non-technical audiences
  • Have the ability to thrive in a startup environment and experience working in an agile development lifecycle
  • Know the OWASP Top 10 inside and out
  • Participate in the bug bounty hunting community
  • Understand the concept of least privilege and the confidentiality, integrity, and availability triad and will work to enforce those concepts in our environment
  • Have experience with languages such as Ruby, Go, Python
  • Have experience with secure coding practices and automating security checks in pipelines
  • Are comfortable working in and across cloud environments like AWS and GCP
  • Have an understanding of application security in context of a secure SDLC and CI/CD

You can expect...

  • Company-paid health, dental, vision, life & disability insurance
  • 401(k) plan, FSA & commuter benefits
  • Generous PTO 
  • Training, mentorship and coaching from leadership
  • The opportunity to grow alongside a company shaking up a big, old-fashioned industry
  • Fun, diverse, open-minded coworkers
  • Dog companionship!!!

About Policygenius

Policygenius is America’s leading online insurance marketplace. Since 2014, our mission has been to help people get the financial protection they need (and feel good about it). We make it easy for our customers to understand their options, compare quotes, and buy insurance, all in one place. To date, we’ve helped more than 30 million people shop for all types of insurance and placed over $45 billion in coverage.

At Policygenius, we’re proud of building an environment that encourages our teammates to bring their authentic selves to work. Despite rapid growth (we’ve doubled in size year over year!), we’ve continuously maintained our inclusive culture through humility, hard work, and humor, and we’re looking for more people with grit, collaborative attitudes, and creative problem-solving skills to join our team. Come see why we’ve been voted one of Inc. Magazine’s “Best Workplaces” two years in a row!

Diversity at Policygenius

Policygenius believes differences should be celebrated and is committed to building a team as diverse as the customers we serve. We welcome different perspectives and opinions to foster innovation, authenticity, and excellence across all parts of our company, and are committed to providing employees with a work environment free of discrimination and harassment.

As an Equal Opportunity Employer, Policygenius highly encourages applicants from all walks of life. All employment decisions at Policygenius are based on business needs, job requirements and individual qualifications without regard to actual or perceived race, color, sex, pregnancy, sexual orientation, gender identity or expression, age, national origin, political affiliation or belief, religion, disability, uniformed service, marital status or any other status protected by law. 

Come join the team!


Technology we use

  • Languages: Golang, JavaScript, Python, Ruby, SQL
  • Libraries: jQuery, React, Redux, Twitter Bootstrap
  • Frameworks: Express, Node.js, Ruby on Rails
  • Databases: PostgreSQL, BigQuery
  • Analytics: Google Analytics, Optimizely
  • Design: Sketch, UXPin, Tableau, Mouseflow, Respondent.io, Usertesting.com, Zeplin, Principle
  • Management: Confluence, JIRA, Trello, Clubhouse
  • Email: Iterable, Litmus

Location

In the heart of the Flatiron district! Conveniently located near several NYC subway stops, the NJ Path train, and a short walk to Penn Station.

An Insider's view of Policygenius

What’s the vibe like in the office?

Think: startup meets productive adult office. The fridge is stocked with La Croix and there's usually a dog or two running around, but there's no ping pong. Everyone works hard and takes the job seriously. Strict "no chuckleheads allowed" policy. People are cool and from a really wide range of backgrounds.

Adam

Senior Product Manager

What kinds of technical challenges do you and your team face?

All of the normal challenges of building a modern (fairly cutting edge actually, if I do say so myself), scalable tech stack, just with the added twist of integrating with a bunch of fairly archaic APIs. The insurance industry historically isn't exactly a bastion of modern technology, but we're doing our darnedest to change that.

Trevor

Senior Software Engineer

What makes someone successful on your team?

Teamwork and problem-solving go a long way on my team and at Policygenius overall. I would say that individual ideas are not only supported but more importantly, encouraged. I'm consistently challenged, but always learning; our environment promotes both individual and professional growth. I'm looking forward to moving to the next level!

Masuda

Customer Success Team Lead

What is your vision for the company?

Our vision for Policygenius is to be the go-to consumer platform for insurance and financial protection. What Expedia did for travel, we're doing for financial protection. We're already the top platform for under-50 consumers for life insurance and disability insurance, and we're excited to expand that to new categories in 2019!

Jen

CEO

What's something quirky about your company?

So many team members have really interesting stories about their time before Pg. We’ve got trivia champions, ex-magicians, chicken bag experts, and even someone who used to be Madonna’s assistant. It’s all story-telling gold.

Justin

Chief Design Officer

What are Policygenius Perks + Benefits

Culture

  • Partners with Nonprofits
  • Friends outside of work
  • Eat lunch together
  • Intracompany committees
  • Daily stand up
  • Open door policy
  • Team owned deliverables
  • Team based strategic planning
  • Group brainstorming sessions
  • Pair programming
  • Open office floor plan

Diversity

  • Dedicated Diversity/Inclusion Staff
  • Diversity manifesto

Health Insurance & Wellness Benefits

  • Flexible Spending Account (FSA)
  • Disability Insurance
  • Dental Benefits
  • Vision Benefits
  • Health Insurance Benefits
  • Life Insurance
  • Wellness Programs

Retirement & Stock Options Benefits

  • 401(K)

Child Care & Parental Leave Benefits

  • Family Medical Leave

Vacation & Time Off Benefits

  • Generous PTO
  • Paid Holidays
  • Paid Sick Days

Perks & Discounts

  • Casual Dress
  • Commuter Benefits
  • Company Outings
  • Game Room
  • Stocked Kitchen
  • Happy Hours
  • Pet Friendly
  • Fitness Subsidies

Professional Development Benefits

  • Job Training & Conferences
  • Diversity Program
  • Lunch and learns: Acme Co. hosts lunch and learn meetings weekly.
  • Cross functional training encouraged
  • Promote from within
  • Customized development tracks
  • Paid industry certifications