Recurly is a leading enterprise subscription billing platform that serves companies of all sizes including some of the largest Fortune 500 organizations in the world. We are seeking a technical hands-on Senior Application Security Engineer to join our team.
As the Lead Application Security Engineer on the Information Security team, you will lead Recurly’s application security program and roadmap. You will work to bring in the latest security technologies and processes into the company as well as working with other teams across the organization to help them meet the security standards the company has set. This role will require a close working relationship with our development teams and their management to be successful. This is a highly visible role in the company that will work with C-level executives on down to ensure that Recurly is meeting the highest application security standards.
Technology/Services You Will Use: WAF/RASP, Programming Languages (Ruby, Go, Python), Cloud Providers (Google/Amazon), Static/Dynamic Code Analysis tools, Bug Bounty Programs, Containers, Terraform, Salt/Ansible, Jenkins, Git, Splunk, ELK, Kubernetes, etc.
- Build security solutions that protect our applications
- Work with peers to come up with solutions that automate security end-to-end
- Work with application teams to fix bug bounty findings
- Complete security reviews of new features, products, services, and vendors
- Lead applications security reviews and application penetration testing activities
- Expert level with Linux and Linux security (Ubuntu, CentOS, etc.)
- Must be able to understand and code in a programming language (Ruby, Go, Python, etc.)
- Must have familiarity in defining and implementing an SDLC
- Have worked closely with development teams in an application security role
- Familiar with managing Bug Bounty programs
- Good understanding of Static and Dynamic Code Analysis tools
- Experience in building security checks into the CI/CD pipeline
- Bachelor's degree or equivalent experience
- Experience in leading an Application Security Program
- Experience in a DevSecOps environment
- Experience with Scrum/Agile while using JIRA
- Experience with Terraform
Recurly is an enterprise-class subscription management platform that cuts through the complexity of subscription management to optimize and automate revenue growth. Founded in 2009, Recurly uses an open platform approach to easily connect with a broad variety of back-office systems. In addition to enabling lightweight and flexible custom integrations, Recurly also has powerful out-of-the-box integrations with enterprise solutions like Salesforce, NetSuite, and Avalara to provide efficiencies through end-to-end automation of billing events throughout the customer lifecycle.
Recurly's flexible architecture, coupled with deep expertise in the payments industry is validated by the billions of dollars in transactions the company processes each year. Thousands of companies worldwide depend on Recurly to manage and optimize their rapidly-growing subscription businesses.
Offices located in San Francisco, California and Boulder, Colorado.
Read Full Job Description