Sr. Application Security Engineer

Quizlet

San Francisco, CA, US
  • Job Type: Full-Time
  • Function: IT
  • Post Date: 03/30/2021
  • Website: quizlet.com
  • Company Address: 501 2nd Street, Suite 500, San Francisco, CA, 94107

About Quizlet

Simple tools that let you study anything for free.

Job Description

Inspired by our belief that anyone can learn anything and powered by our own curiosity, we build the smartest tools we can imagine to help students learn.  
 
Quizlet is the popular, global learning platform and app that millions of students, teachers and everyday people use to study any subject imaginable for school, work or as part of their personal interests -- including two-thirds of high school students and half of all college students in the US. Combining cognitive science and machine learning, Quizlet guides students through adaptive study activities to confidently reach their learning goals. We’re on track to become the undisputed leader in user-generated learning content and engagement, at the scale of YouTube.  
 
Valued at $1 billion, Quizlet has raised over $60 million in venture capital from investors including Icon Ventures, Union Square Ventures, General Atlantic, Costanoa Ventures, Owl Ventures, and Altos Ventures.  
 
To serve our global community of learners, our teams tackle lofty technical challenges and design for use cases across cultures and languages. We work hard, act like owners, and collaborate every chance we get. We’re energized by the potential to power more learners through multiple approaches and various tools.
 
With offices in major cities around the world and ambitious plans for expansion, we remain grounded in our commitment to our mission of helping people learn. We’re looking for new team members who crave a challenge and want to help us continue amplifying our impact. If you’d like to learn more, reach out at [email protected] or visit our careers page.
 
About the team:
 
The Security Engineering team is responsible for all aspects of technical security. As part of the EngSec team, you will lead our application security initiatives, including maturing our security integration testing as part of our pipelines as well as performing code review and consultancy in the security space to our engineers. Quizlet needs your expertise to provide all our employees with the right guidance so that we can provide a safe environment for our users!
 

What you'll do:

    • Mature our application security posture by fostering a security culture which includes, developing coding standards, partnering with engineering teams and developing threat models
    • Work with external researchers to ensure that findings are mitigated effectively, therefore, reducing overall risk
    • Implement continuous scanning as part of our pipelines
    • Develop security micro-services where applicable
    • Develop Secure coding standards and 
    • Work on spam and account takeover mitigation strategies

Qualifications:

    • 7+ years of application security engineering supporting full-stack applications
    • Solid experience in OWASP best practices
    • Solid experience in 1 or more languages including Java, Ruby, Python, PHP
    • Experience in SAST/DAST technologies
    • Solid experience in cloud computing and infrastructure 
    • Solid experience in secrets management, authentication systems, and PKI infrastructure
    • Excellent written and oral communication skills
    • Open, humble and candid approach to communication

Bonus if:

    • Experience with Vault
    • Experience with CI/CD platforms
 
 
 
Benefits and perks:
-Collaborate with your manager and team to create a schedule that ensures a high level of productivity (creating that ideal work/life balance)
-We offer 20 days of paid vacation (and we expect you to take them)
-We provide a monthly in home office stipend to employees while our teams are working remote for the COVID pandemic
-We’ll provide you with a laptop, top-notch benefits available to all fulltime Quizleters
 
 
Next steps:
Curious about our interview process? 
-Meet with Recruiter
-Meet with Hiring Manager
-Meet with Potential Colleagues and Leadership
 
We strive to make everyone feel comfortable and welcome! 
We work to create a holistic interview process, where both Quizlet and candidates have an opportunity to view what it would be like to work together, in exploring a mutually beneficial partnership.
We provide a transparent setting, that gives a comprehensive view of who we are!  
 
 
In Closing:
We hope you are excited about everything you read so far. We highly encourage you to apply for this position, even if you feel you do not meet all the requirements. Quizlet is always looking for amazing folks that believe in our mission and can contribute to our team in various ways - not merely candidates that fit a certain mold.
We have a bias for action, take initiative, and hustle to deliver results. We make informed decisions whenever possible but are unafraid to take calculated risks on great ideas to promote learning. We embrace challenges and see effort as the path to mastery. We’re constantly seeking opportunities to learn and we embrace curiosity. Quality matters at Quizlet, and we hold the bar high on everything we do.
 
We treat each other with honesty and respect, encourage vigorous debate, and seek critical feedback. We value diversity, humility, transparency, and collaboration as the best paths to our success — as individuals, as a team, and as a company.
 
Quizlet’s success as an online learning community depends on a strong commitment to diversity, equity, and inclusion. We are actively working to build a team that is representative of the diverse communities we serve, and an open, inclusive work environment where all employees can thrive. As an equal opportunity employer and a tech company committed to societal change, we welcome applicants from all backgrounds. Women, people of color, members of the LGBTQ+ community, individuals with disabilities, and veterans are strongly encouraged to apply. Come join us!
 
 
To All Recruiters and Placement Agencies:
At this time Quizlet does not accept unsolicited agency resumes and/or profiles. 
Please do not forward unsolicited agency resumes to our website or to any Quizlet employee. Quizlet will not pay fees to any third-party agency or firm nor will it be responsible for any agency fees associated with unsolicited resumes. All unsolicited resumes received will be considered the property of Quizlet.

Related Jobs

Sr. Full Stack Engineer, Growth - SF, CA

Quizlet - San Francisco, CA, US

Site Reliability Engineer - Flexible, SF, or DEN

Quizlet - San Francisco, CA, US

Android Engineer Intern

Quizlet - Remote

Associate Product Manager Intern

Quizlet - Remote

Content Designer - SF, CA or DEN, CO

Quizlet - San Francisco, CA, US
Disclaimer: Local Candidates Only
This company does NOT accept candidates from outside recruiting firms. Agency contacts are not welcome.