Senior Application Security Engineer (Backend, Cybersecurity)
Boston, MA, USA
Posted on Wednesday, October 18, 2023
At WHOOP, we're on a mission to unlock human performance. WHOOP empowers people to perform at a higher level through a deeper understanding of their bodies and daily lives. We handle massive amounts of data continuously streaming up to the cloud collected from the world’s greatest sports teams and athletes mandating a fault-tolerant and highly available product. With such sensitive data we carry an immense responsibility to securely manage our members’ data.
Our Cybersecurity team is located within the Infrastructure organization. Our work is at the intersection of security, developer experience and product development. We are responsible for building foundational software services and libraries that enable our backend engineers to develop applications securely. We provide cybersecurity for existing applications as well as enable new business possibilities by getting security requirements met ahead of engineering.
A successful candidate for this position should have experience in software engineering, public cloud management and exposure to cybersecurity systems and practices.
- Work in a cross functional team that works closely with Software, Product, IT and Legal
- Collaborate with engineers to maintain and continually improve existing security tools
- Be creative and solve problems with solutions that can scale
- Review and contribute to application designs and solutions
- Identify and define application security requirements and security baselines
- Maintain knowledge of current and emerging secure application technologies/products/trends
- 3+ years of experience in cybersecurity - we are open to a diverse set of backgrounds
- Proven and extensive Software Engineering experience developing and maintaining scalable, Cloud-native software solutions
- Proven and extensive experience in building RESTful APIs and background workers in Java, C# or Python
- Proven and extensive experience in secure software development principles
- Proven and extensive experience building tools and automation to support an Application Security team
- Hands-on experience with permission systems
- Hands-on experience working with DevOps and Agile-driven product teams
- Hands-on experience with compliance programs
- You have excellent written and verbal communication skills
- You thrive in a fast paced and data driven environment
- You are a team player who thrives on continuous learning and direct feedback
WE WOULD LOVE TO SEE:
- Hands-on experience in a Bug Bounty program (either triaging bugs or submitting bugs)
- Hands-on experience with observability tools for alarming, diagnostic and forensic use cases
- Hands-on experience with Policy As Code such as Open Policy Agent, AWS Cedar or Hashicorp Sentinel
Find out more about us: "WHOOP Software Principles"
This role is based in the WHOOP office located in Boston, MA. The successful candidate must be prepared to relocate if necessary to work out of the Boston, MA office.
Interested in the role, but don’t meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply.
WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility