Recurly is a leading enterprise subscription billing platform that serves companies of all sizes including some of the largest Fortune 500 organizations in the world. We are seeking a technical hands-on Senior Application Security Engineer to join our team.
As a Senior Application Security Engineer on the Information Security team, you will lead Recurly’s application security program and roadmap. You will work to bring in the latest security technologies and processes into the company as well as working with other teams across the organization to help them meet the security standards the company has set. This role will require a close working relationship with our development teams and their management to be successful. This is a highly visible role in the company that will work with C-level executives on down to ensure that Recurly is meeting the highest application security standards.
Technology/Services You Will Use: Cloud Providers (Google/Amazon), WAF/RASP, Programming Languages (Ruby, Go, Python), Static/Dynamic Code Analysis tools, Bug Bounty Programs, Containers, Terraform, Salt, Jenkins, Git, Splunk, ELK, Kubernetes, etc.
- Build security solutions that protect our cloud and container environments
- Implement solutions that use machine learning to identify threats in our environment
- Work with peers to come up with solutions that automate security end-to-end
- Work with application teams to fix bug bounty findings
- Complete security reviews of new features, products, services, and vendors
- Review security posture and roadmap, make suggestions and bring new ideas to the table
- Expert level with Linux and Linux security (Ubuntu, CentOS, etc.)
- Expert level in multiple programming languages (Ruby, Go, Python, etc.)
- Expert level in defining and implementing an SDLC
- Expert level in working closely with development teams
- Experience with managing Bug Bounty programs
- Experience with Static and Dynamic Code Analysis tools
- Experience in building security checks into the CI/CD pipeline
- Bachelor's degree or equivalent experience
- Experience in leading an Application Security Program
- Experience with Runtime Application Self-Protection (RASP) tools
- Experience in a DevSecOps environment
- Experience with Scrum/Agile while using JIRA
- Experience with Terraform
Recurly is an enterprise-class subscription management platform that cuts through the complexity of subscription management to optimize and automate revenue growth. Founded in 2009, Recurly uses an open platform approach to easily connect with a broad variety of back-office systems. In addition to enabling lightweight and flexible custom integrations, Recurly also has powerful out-of-the-box integrations with enterprise solutions like Salesforce, NetSuite, and Avalara to provide efficiencies through end-to-end automation of billing events throughout the customer lifecycle.
Recurly's flexible architecture, coupled with deep expertise in the payments industry is validated by the billions of dollars in transactions the company processes each year. Thousands of companies worldwide depend on Recurly to manage and optimize their rapidly-growing subscription businesses.
Offices located in San Francisco, California and Boulder, Colorado.
Read Full Job Description