Senior Application Security Engineer

About The Opportunity

Here at Grubhub we’ve been dedicated to giving diners the most convenient way to order food from their favorite restaurants (whether that’s a late night Chalupa from Taco Bell or a salad for lunch from a local restaurant the day after they enjoyed said late night Chalupa).


While we are food-obsessed, we are also customer-obsessed. We look to constantly innovate our technology so our diners’ food experience is memorable, restaurant owners get more business and individuals across the country looking for part-time work can deliver the food from the restaurant to the diner flawlessly. We take great pride in knowing that we are a part of 17+ million diners food ordering experience and we are partnered with 105,000 restaurants in 2,000 US cities across our suite of apps (Grubhub, LevelUp, Seamless, Tapingo, Eat24).


Want to be a part of the biggest movement in the US that is moving eating forward? If so, we want to talk to you - and hear what’s your favorite restaurant for food delivery!


As a Security Engineer on the Information Security Team, you will play a central role in architecting Grubhub’s security controls, policies and standards. You will closely work with Engineering and Product Stakeholders to drive and create solutions to challenging cyber security problems.

Some Challenges You’ll Tackle

  • Ability to articulate issues, risks, and propose solutions for various application security problems to developers
  • Ability to comprehend large, complex applications written by others from reading source code
  • Passion and enthusiasm for security and building secure products
  • Ability to stay current with emerging technologies and industry trends
  • Skilled in understanding vulnerabilities, weaknesses, and remediation techniques
  • Designing, reviewing and threat modeling applications
  • Evangelizing security within the organization

You Should Have

  • Experience with multiple programming languages like Java, Angular/React, Javascript, Python, Go, Objective C
  • Experience with and understanding of web services, mobile applications, applied cryptography, TCP/IP and HTTP Protocols
  • Experience with multiple operating systems like Linux, Windows, OSX etc.
  • Ability to write Python code.  Java code is a plus
  • Experience with code analysis tools for static/dynamic analysis, penetration testing and web application proxies like ZAP/ Burp Suite
  • Experience with Amazon Web Services (AWS) or other cloud environments
  • Experience with Git.
  • Experience on running, triaging and making risk assessments based on vulnerabilities’ proof of concepts.
  • Experience on validating security fixes deployed by development teams
  • Good verbal, written communication, problem solving skills, strong sense of ownership and have an innovative mindset

And Of Course, Perks!



We deliver favorites every day. Join us as we move eating forward.


Grubhub is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics. The EEO is the Law poster is available here: DOL Poster. Grubhub is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail and let us know the nature of your request and your contact information.

Back to top