Application Security Engineer

Redwood City, CA
Engineering
Full-time

TrueVault is an off-premise, secure data store that enterprises rely on to make their products immediately secure. TrueVault is engineered to store mission critical and highly sensitive data from verticals like healthcare, aviation, banking and the Internet of Things. Within the decade, every object on the planet will be connected to the internet and generating data. Our team is ambitiously working on a secure database for the future. Join our entrepreneurial team if this interests you.
 
As an Application Security Engineer, you'll work with engineering teams across TrueVault to establish and improve the security of our entire suite of products at every step of the development lifecycle. You will act as both a builder -- creating tools to help our engineers write more secure code, performing code reviews across all TrueVault products and platforms and provide detailed issue remediation guidance, and a breaker -- performing application penetration and security functional testing and work with external vendors to support 3rd party security reviews. You will be a subject matter expert for all things application security at TrueVault and participate in software architectural and design discussions. You will plan, build and deploy infrastructure to help our engineers detect and remediate vulnerabilities automatically.
 
This is an opportunity to join TrueVault at the ground level. You will have the opportunity to make a direct impact on our core product and you will have full ownership of your role. You will establish application security standards for code quality, hash functions, cryptography, and key material handling while developing processes and tools to identify security flaws in code.
 
 

Must Have Qualifications:

    • Expert-level knowledge in Python
    • Strong familiarity with OWASP top 10 web vulnerabilities and the ability to explain them
    • Excellent knowledge of common compiler and library security flags and options
    • Understanding of web services architecture and protecting public APIs
    • Solid cryptography fundamentals
    • Experience using fuzzers
    • Experience with static analysis and common tool sets
    • Current knowledge of threat landscape

Perks

    • Competitive salary and generous equity packages
    • World Class Medical, Dental, and Vision benefits
    • Open vacation policy
    • Flexible work hours
    • Personal wellness budget to spend on gym membership, fitness classes, spa, etc.
    • Commuter benefits
    • Fully stocked kitchen and daily meals delivered (including Philz Coffee!)
    • Generous equipment budget and customized workstation
    • Quarterly offsites at cities like Santa Monica, Austin, Denver and Portland

What is TrueVault?
TrueVault is an off-premise, secure data store that enterprises rely on to make their products immediately secure. TrueVault is engineered to store mission critical and highly sensitive data from verticals like healthcare, aviation, banking and the Internet of Things. TrueVault is designed to take data from mobile health apps, wearable devices, and even genomic research so that our customers don’t need to spend their precious time worrying about security, performance, and scalability. More than just a database as a service, TrueVault’s proprietary technology allows us to secure our customers' data better than anyone else can (hint: think encryption and global scale slice distribution).

Our mission is to provide the simplest, most secure way for apps and devices to store sensitive data. Simple and secure storage of people’s most personal and private information is a huge challenge. That's why we are looking for incredible people (like you perhaps?) to join us.

Who is TrueVault?
TrueVault is a Y Combinator graduated startup based in Silicon Valley. We have an incredible group of investors including Paul Buchheit, Mark Pincus, and Bill Tai who have invested more than $3 million dollars because they deeply believe in our mission. We are a group of engineers passionate about data security, API performance, and building products that developers like us love to use. We are looking for a handful of engineering MacGyvers to join our founding team.

Why join TrueVault?
At TrueVault, you will have the opportunity to work in arguably the biggest market opportunity of this coming decade, improve the collection, portability, and security of really critical data, and push the envelop of data portability forward. You’ll work on things that haven't been done before. Plus you’ll get to choose what you want to work on and develop products that your peers will rely on and love using.

If you want to work at a place that values "getting things done" more than "working the startup hours," talk to us. If you take pride in what you do and care about the people who use the product, you’ll find people just like you here. If you want to open source and share what you’ve built with the world, at TrueVault you can. But most importantly, if you want to work with other incredible minds and welcome the challenges of doing things that’ve never been done, then we want you to join us. If you are passionate about security, performance, and scalability, TrueVault might be just what you’re looking for.