Application Security Engineer
At Netlify, we're building a platform to empower web developers to build better, more elaborate web projects than ever before. We're aiming to change the landscape of modern web development. Netlify currently serves more than 800,000 developers worldwide.
We recently raised $53M in Series C funding to bring forward the next generation of tooling for a more accessible web. This round was led by the EQT Ventures with participation from existing investors Andreessen Horowitz & Kleiner Perkins. This brings Netlify’s funding raised in total to $98M to date. Other past investors include Bloomberg Beta, Designer Fund, and Tank Hill Ventures, as well as the founders of Figma, GitHub, Slack and Yelp.
Netlify is a diverse group of incredible talent from all over the world. We’re ~48% woman or non-binary, and are composed of about half as many nationalities as we are team members.
About the Position
As a key member of the Security team, you will work with various teams on application, infrastructure, corporate security and everything adjacent. Although you will not be coding every day, a software engineering background is essential to discuss architecture and code reviews with the Engineering team.
- Continuously conduct security assessments on our internal assets and existing and future products.
- Build and deploy security automation and tooling to verify and further increase our security posture.
- Manage our vulnerability management program and work with the relevant teams to prioritize remediation efforts.
- Build processes to ensure that security is part of our engineering DNA.
- Manage secure coding training across the teams.
- Experience in application and infrastructure security, especially in cloud environments.
- Experience with secure software development lifecycles, from threat modelling to code reviews.
- Knowledge of container security and orchestration.
- Several years of engineering experience with Go or Ruby.
- A demonstrated ability to empathize, collaborate, and communicate across teams.
- Ability to work across multiple time zones with remote colleagues.
- 3 or more years experience working as a full-time application or infrastructure security engineer.
- BONUS: exposure to compliance audits such as SOC 2, ISO 27001 and PCI.
Our main office is located in the Dogpatch district in San Francisco, CA, and about 60% of us work remotely. Employees in the San Francisco area work from home two days per week. Applicants working in timezones within +/- 3 hours from PST preferred.
Of everything we've ever built at Netlify, we are most proud of our team.
We believe that empowered, engaged colleagues do their best work. We’ll be giving you the tools you need to succeed and looking to you for suggestions to improve not just in your daily job, but every aspect of building a company. Whether you work from our main office in San Francisco or you are a remote employee, we’ll be working together a lot—paring, collaborating, debating, and learning. We want you to succeed! About 60% of the company are remote across the globe, the rest are in our HQ in San Francisco.
To learn a bit more about our team and who we are, make sure to visit our about page.
Not sure you meet 100% of our qualifications? Please apply anyway!
With your application, please include: A thoughtful cover letter explaining why you enjoy the role and why you’d like to work at Netlify. A resume or short listing of job history. (A link to a LinkedIn profile would be fine.)
When we receive your complete application with the items above, we’ll get back to you about the next steps.
Back to top