Sr Application Security Engineer

Santa Monica, CA
Engineering – IT / Security
Full-time (exempt)
Ring.com is looking for an Sr. Application Security Engineer who can support the overall improvement and maturity of the Application Security Program, within Information Security. This role will aide in the identification, triage, and remediation of application security vulnerabilities. The application security engineer position is also responsible for maintaining and improving processes that support the analysis of web, api, thick-client, and mobile applications. This role is also responsible for product security assessment of IoT devices, and the software technologies associated.

Responsibilities

    • Embed security enablement practices into new and existing CI/CD pipelines.
    • Perform automated and manual code review.
    • Participate in software architecture review and design discussions.
    • Produce automated SAST and DAST solutions to be used within the SDLC.
    • Develop secure coding guidelines and training articles.
    • Perform security assessments of new products and technologies. In addition, will help maintain automated detection, monitoring, and troubleshoot vulnerability scanning and assessment tooling.
    • Support day-to-day administration of Ring’s various bug bounty programs.
    • Triage and provide proof of concept demonstrations of Provide support and resolution for scanning and vulnerability remediation reporting issues.

Basic Qualifications

    • 5+ years’ experience working with various networking protocols expected to be used at Ring, specifically regarding both video and content lifecycle.
    • 5+ years’ working with application security vulnerabilities, OWASP top ten, and the appropriate remediation techniques.
    • 3+ years’ working with issue and wiki management systems such as Jira and Confluence.
    • 3+ years’ experience with Oauth2, SAML, and general idp provider technologies.
    • 5+ years’ experience working with AWS cloud compute services and architectures.

Preferred Qualifications

    • Experience or knowledge in developing using today’s modern application development frameworks.
    • Experience and strong technical knowledge in application security, cryptography, authentication and authorization, and security development best practices.
    • Strong experience in software development using C, C++, Python, Ruby, Go, Swift, Android SDK, and Java.
    • Experience developing security best practices within a distributed and service-oriented architectures.
    • Experience leading small teams and mentoring junior staff in an open and positive manner.
    • Ability to work with application development teams, to provide technical solutions for security best practices.
About Ring

Ring's mission is to make neighborhoods safer by creating a Ring of Security around homes and communities with its suite of home security products and services. The Ring product line, along with the Ring Neighbors app, enable Ring to offer affordable, complete, proactive home and neighborhood security in a way no other company has before. In fact, two Newark, NJ neighborhoods saw an over 50 percent decrease in home break-ins after Ring Video Doorbells and Spotlight Cams were installed on 11% of homes in the communities from April-July 2018 when compared to the same time period in 2017. Ring is an Amazon company. For more information, visit www.ring.com. With Ring, you’re always home.

Ring LLC is proud to be an equal opportunity employer and provides equal employment opportunities (EEO) to all employees and applicants without regard to race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity or genetics.