Senior Application Security Engineer
At Notarize, we’re pulling the future closer, bringing industries like real estate, automotive, and financial services into the digital age. We’re the first company to complete a legal online notarization, online mortgage closing, online will, online auto sale, and countless other critical transactions.
We’re proud to play an integral role for our customers -- from individuals to major enterprises -- in making life’s most important moments better.
Our business has grown exponentially (over 600%!) in the past year. In September 2021 we came in at #114 on Inc.’s list of the 5000 fastest-growing companies in the nation. We raised an additional $130 million in Series D funding in March of this year -- backed by industry behemoths like Capital G/Google, Citi, and Wells Fargo -- and we recently announced a major strategic partnership with Adobe.
Notarize is the pioneer and market leader in Remote Online Notarization (RON), and we’re building the team that will operate a critical platform in tomorrow’s fully-remote economy. Come join us!
Notarize is proud to be a fully-distributed, remote-first team. Employees can work from anywhere in the United States -- all 50 states and D.C too.
We are looking for an Application Security Engineer to work closely with engineering & information security teams, product managers, bug bounty providers and pen testers to ensure that Notarize applications are secure.
What you’ll do as a Senior Application Security Engineer
- Lead application security reviews and threat modeling, including code review and dynamic testing.
- Guide and advise product development teams as a subject matter expert in the area of application security.
- Own and perform application security vulnerability management.
- Support and evolve the bug bounty program.
- Lead security releases.
- Lead in development of automated security testing to validate that secure coding best practices are being used.
- Develop security training and socialize the material with internal development teams.
- Support and participate in incident response and technical investigations as needed.
- Coordinate and drive remediation of identified risks and control deficiencies.
What we're looking for
- Strong understanding and experience with common security libraries, security controls, and common security flaws.
- Experience with OWASP, static/dynamic analysis, and common security tools.
- Solid development or scripting experience and skills, preferably with back-end technologies.
- Be a subject matter expert of at least 1 technical area impacting the security of the product (for example: web protocols, PKI, cloud, etc.)
- Strong experience working closely with developers.
- Good understanding of network and web related protocols.
- Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.
- Experience identifying security issues through code review.
Notarize is committed to building an inclusive environment for people of all backgrounds and everyone is encouraged to apply. We are an equal opportunity employer and do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We'd love to hear from you.