Senior Application Security Engineer

United States /
Engineering – Security /
Full-time
About Us

Founded in 2017, Coalition is on a mission to solve cyber risk and create a safer digital economy where everyone can thrive. Digital risk is now a part of every business and it’s no longer solely the domain of technical teams. That’s why we combined comprehensive insurance with proactive cybersecurity tools to help organizations stay resilient to digital risks like cyber attacks, funds transfer fraud and much more. 
 
Our team works collaboratively across North America and Europe to prevent security failures and provide both technical and financial help when incidents do occur. Today, Coalition is the world’s largest commercial insurtech serving over 130,000 customers including many small businesses that rely on Coalition to help them chart a path forward in the new digital world. 
 
As of September 2021, Coalition has raised $520 million from leading global technology investors as well as highly-regarded institutional investors including: Index Ventures, Ribbit Capital, Valor Ventures,  Durable Capital, T. Rowe Price Advisors, and Whale Rock Capital, valuing the company at more than $3.5 billion.
 
Coalition has experienced tremendous growth by helping organizations of all sizes solve real-world problems and by remaining true to our founding values of character, humility, responsibility, authenticity and diversity. That’s why we are proud to be named one of Inc’s Best Places to Work in 2021.

Responsibilities

    • Triage and prioritize application security vulnerabilities
    • Develop internal application security testing pipeline and  review processes
    • Build and conduct secure coding training for all developers
    • Mentor and train engineers to build secure products
    • Implement automated, proactive security measures (e.g., SAST/DAST)
    • Develop Secure SDLC process and communicate process to Engineering
    • Building Application security metrics

Skills and Qualifications

    • At least 3-5 years of direct experience either working on or leading an application security team
    • Conducting application security reviews
    • Building/measuring metrics and KPIs to track application security issues
    • Source code repositories, CI/CD pipelines and associated security tooling (e.g., GitHub, Drone, Buddy)
    • Experience developing SDLC processes
    • Working with SAST/DAST and tools (e.g., Synopsys, Veracode, GitLab Secure, GitHub Advanced Security, etc.)
    • Threat modeling methodologies (e.g., STRIDE)
    • Java, Go and Python secure coding assessments
    • Experience in API design and system architecture

Bonus Points

    • Bug bounty management
    • Teaching experience

Why Coalition?

Coalition's culture is one that strongly values humility, authenticity, and diversity. We want to work with people of different backgrounds and different paths in life, and we trust our team members to take responsibility, share ownership and work for one another. We are always looking for collaborative, inquisitive and dedicated individuals to join our team.

Coalition Engineering

Our culture is one of character, humility, responsibility, purpose, and authenticity. We are growing rapidly and that growth is enabled by strong teamwork, communication, and mentorship. We want people who are passionate about becoming experts in both the business and the technologies that support it. Our core platform is written mostly in Python with some services in Java and Go. We prefer to use the right tool for the job and make pragmatic decisions about how to scale and de-couple systems as we continue to grow. We’re looking for someone who can navigate a cloud environment (AWS) with many moving pieces and systems to help the team understand how they fit into the broader puzzle.
 
Recent press releases: 
Coalition Closes $205 Million Series E, Valuing the Cyber Insurance Provider At More Than $3.5 Billion
 
Coalition is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
 
#LI-REMOTE