Senior Application Security Engineer job in New York City
|Company Type:||Certified B Corporation|
|Impact Area:||Quality of Life|
|Company Name:|| Etsy|
|State / Province:||New York (NY)|
|City:||New York City|
Etsy is looking for a Sr. Application Security Engineer to join our Security Engineering team in Brooklyn.About the Team Here at Etsy we try to do things a little differently. Whether it's re-imagining commerce https://www.etsy.com/about/, blameless postmortems, pushing to production on your very first day, we don't subscribe to the mantra of "Because we've always done it that way".We believe that small, empowered, self-motivated teams can do big things. We also believe in the right tool for the job, not language-as-religion. Check out the security section our engineering blog: http://codeascraft.com/category/security/ and our previous talks https://www.etsy.com/codeascraft/talks#section-Security for more on our technology and culture. About the JobThis is a building things, not just breaking things, role. Being able to work with others and helping them to understand security is far more important than knowing about the latest ROP gadget finding techniques. Being able to get past the traditional security stance of blocking and instead making it so everyone can bring innovative ideas and approaches to production, securely. This is a hands-on technical position where you will work with the Engineering and Product teams to ensure the secure release of Etsy innovating applications. A strong knowledge of securing production LAMP stacks, as well as a solid understanding of iOS and Android apps is a must. Security architecture experience and the ability to consult with engineering teams working on large scale technology projects will be key to success.Security engineers should have thorough familiarity with techniques used by real world attackers and should be able to prioritize detection and attack surface reduction efforts based on this knowledge.About You You enjoy designing and implementing secure applications as well as working with diverse teams enabling them to deploy their innovations securely. You should firmly believe that the best defense is a good offense, and enjoy subverting security mechanisms in order to build a better mousetrap. You should also believe deeply that security is an ongoing process that people are as much a part of as technology.