Lead Security Engineer - Application Security

San Francisco, CA
Engineering /
Full-time /
Hybrid
Front is a customer operations platform that enables support, sales, and account management teams to deliver exceptional service at scale. Front streamlines customer communication by combining the efficiency of a help desk and the familiarity of email, with automated workflows and real-time collaboration behind the scenes. With Front, teams can centralize messages across channels, route them to the right person, and unlock visibility and insights across all of their customer operations. 

More than 8,000 businesses across many different industries (manufacturing, logistics, travel, financial services, tech, etc.) use Front to drive operational efficiency that prevents churn, improves retention, and propels customer growth. Backed by Sequoia Capital and Salesforce Ventures, Front has raised $204M from leading venture capital firms and independent investors including top executives at Atlassian, Okta, Qualtrics, Zoom, and PagerDuty. Front has received numerous Great Place to Work accolades, including Y Combinator's list of Top Companies in 2023, #4 on Fortune’s Best Workplaces in the Bay Area™, Inc. Magazine's 2022 Best Workplaces list, Forbes Best Startup Employers 2022 List, and Best workplaces for Millennials 2022 list.

We are looking for an experienced security engineer based in San Francisco to help build, manage, and scale Front’s security programs.

What will you be doing?

    • Own and drive Front’s Application Security roadmap
    • Provide security guidance on a constant stream of new products and technologies
    • Partner with other teams at Front to constantly improve our defensive model
    • Triage and respond to reports from bug bounty 
    • Perform security assessments on web applications, mobile clients, and architectural designs
    • Create and maintain secure development practices
    • Communicate security risks to stakeholders and engineers

What skills and experience do you need?

    • Solid understanding of threat modeling and web security vulnerabilities, as well as their mitigation
    • Strong track record of launching and delivering projects of significant complexity and high level of ambiguity
    • Fluency in a dynamic language like Javascript, Python, Ruby, or similar
    • Strong understanding of core internet technologies (e.g. TCP/IP)
    • Solid understanding of web and mobile application architecture 
    • Experience with AWS technologies
    • Full professional English proficiency
2-day a week hybrid preferred, but this position is open to Remote US and Canada

The US hiring range for this full-time position is $190,000 - $240,000 USD. Individual compensation packages are based on factors unique to each candidate, including job-related skills, experience, qualifications, work location, training, and market conditions. At Front, we take a market-based approach to pay. In addition to cash compensation (base salary, which may include commissions or overtime pay where applicable), Fronteers are eligible to receive equity in the company. This resource will provide additional information on our location zone designations. If you have questions, please speak with a member of our recruiting team for additional information.

Zone 1: USD $190,000 - $240,000
Zone 2: USD $171,000 - $216,000
Zone 3: USD $161,000 - $204,000

These ranges may be modified by Front at our sole discretion in the future.

What we offer
✨ Competitive salary
🤝 Equity (we are post-series D & backed by some of the best VCs in the US)
🏥 Private health insurance fully covered by Front
💪 Flexible Fridays - learn more here!
🏡 Flexibility to work from home 3 days/week (unless posted as a full-remote role)
🛋 Mental health support with Modern Health
🍼 Family planning support with Maven


Front provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age or disability.