Remote

Mural, the leading visual work platform for the enterprise, makes teamwork feel like less work. Our intuitive visual workspace enables teams to easily work together and collaborate better using proven design-thinking techniques. Built for enterprise teams, Mural meets the most stringent of IT and regulatory requirements. Industry leaders — including IBM, ‌Microsoft, SAP, and Abercrombie & Fitch — choose Mural to help their teams accelerate innovation and problem solving at scale. Whether your team is fully remote, distributed, in the office, or still figuring it out, Mural brings teams across the enterprise together to do the work that matters most.

ABOUT THE TEAM

The product security plays a vital role in identifying and mitigating risks within the Mural product as well as partnering with other engineering teams to recommend product features that enhance security for our customers.

YOUR MISSION

As an Application Security Engineer, your role will involve executing the MURAL product security strategy. You will manage Mural’s public bug bounty submissions, SAST testing within our CI workflow. Collaborating closely with developers, you will work to expand security testing coverage and lead security reviews of MURAL product features. Additionally, you will play a crucial role in educating and promoting secure coding best practices.

WHAT YOU'LL DO

Performing security reviews of Mural product features and architecture
Manage and operate our bug bounty program
Lead penetration testing and manage any risks to remediation
Implementation and operation of SAST and DAST technologies in the CI workflow
Working closely with Engineering teams to track and manage product risks to remediation
Working closely with Engineering to increase coverage of security testing
Communicating and nurturing relationships with security researchers, customers, and other stakeholders
Producing metrics to help track the health of our product vulnerability management strategy
Educating and evangelizing secure coding best practices

WHAT YOU'LL BRING

5+ years experience in a product security focused role
Experience with product security at a multi-tenant SaaS company preferred
Experience with vulnerability management
Deep understanding of web application and mobile application security risks
Deep understanding of Linux, Networking, Cryptography, and Cloud Architecture fundamentals
Software development experience with Node.JS or other frameworks like React, Angular, etc. is a preferred
Familiarity with MongoDB, Node.JS, Ruby, and/or Python is preferred.
If you have participated in public or private Bug Bounty programs, or have any other open source or community contributions, presentations, or blog posts in the security space, please share it with us!
Excellent command of English, both written and verbal

For roles based in New York City, California, Colorado, and Washington, the base salary for this role ranges from $160,000 - $200,000 + benefits. Compensation offered will be determined by factors such as location, level, job-related knowledge, skills, and experience. Certain roles may be eligible for variable compensation.

Equal Opportunity

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Apply for this job

Please mention you found this job on AI Jobs. It helps us get more startups to hire on our site. Thanks and good luck!

Get hired quicker

Be the first to apply. Receive an email whenever similar jobs are posted.

Ace your job interview

Understand the required skills and qualifications, anticipate the questions you may be asked, and study well-prepared answers using our sample responses.

Senior Application Security Engineer Q&A's

Report this job