Let’s get started
By clicking ‘Next’, I agree to the Terms of Service
and Privacy Policy
Jobs / Job page
Staff Application Security Engineer image - Rise Careers
Job details

Staff Application Security Engineer - job 2 of 2

Our MissionSPAN is enabling electrification for all ⚡SPAN is mission-driven to design, build, and deploy products that electrify our built environment, decarbonize our world, and slow the effects of climate change.• Decarbonization is the process to reduce or remove greenhouse gas emissions, especially carbon dioxide, from entering our atmosphere.• Electrification is the process of replacing fossil fuel appliances that run on gas or oil with all-electric upgrades for a cleaner way to power our lives.At SPAN, we believe in:• Enabling homes and vehicles powered by clean energy• Making electrification upgrades possible• Building more resilient homes with reliable backup• Designing a flexible and distributed electrical gridThe RoleWe are seeking a highly skilled and experienced individual to join our Security & Privacy team at SPAN as a Staff Application Security Engineer. In this critical role, you will be instrumental in building and enhancing SPAN’s application security program. Your responsibilities will ensure the security of our applications through proactive assessment, threat modeling, code reviews and close collaboration with the development teams. Ideal candidates will have extensive experience in application security, deep understanding of secure coding practices and ability to influence and educate others on security matters.Responsibilities include:• Lead and execute application security assessments, including static application security testing (SAST), dynamic application security testing (DAST), code reviews, penetration testing, and security architecture reviews.• Collaborate closely with development teams to integrate security best practices into the software development lifecycle (SDLC).• Perform threat modeling on existing and upcoming feature sets in SPAN applications to ensure appropriate security controls are built from the ground up.• Develop and enforce a robust Identity and Access Management posture• Design, implement, and maintain application security controls and solutions, leveraging hands-on coding experience.• Automate application security controls using scripting to minimize human interaction and increase efficiency.• Own the vulnerability assessment and patch triage process to support ongoing vulnerability and patch management at SPAN and provide recommendations for identified vulnerabilities• Ensure compliance with regulatory requirements and industry standards including risk assessments and risk mitigation strategies for application security.• Ensure that our production platform in AWS is hardened as per industry standards, such as CIS benchmarks• Deploy and manage Security Incident and Event Management (SIEM) solutions at SPAN.• Participate in the evaluation, selection, and deployment of cutting-edge security tools and technologies.• Stay current with the latest application security threats, vulnerabilities, and best practices. Continuously evaluate and improve application security processes and technologies.About you• Bachelor’s Degree in Computer Science, Information Assurance, Cyber Security, or related field of study• 7+ years of experience in a security engineering or operations role, with a focus on application security.• Hands-on experience with one or more security tools such as Burp Suite, SonarQube, OWASP ZAP and Checkmarx.• Strong knowledge of applied cryptography, TLS/SSL, web authentication protocols such as OAuth/SAML• Deep understanding of web application vulnerabilities and defenses• Proficient in scripting languages such as Python, Perl, PHP, or Ruby for task automation and data manipulation.• Experience in developing threat models (e.g., STRIDE, DREAD).• Hands-on experience with AWS Security best practices• Experience with vulnerability scanning tools like Qualys, Nessus, etc.• Experience with SIEM tools like Splunk, Sumo Logic, etc.• Certifications such as CISSP, CSSLP, or relevant industry certifications are a plus.The U.S. base salary range for this position is $160,000 - $215,000, plus benefits and equity. This range represents SPAN’s good faith estimate of a competitively-priced salary for the role based on national, real-time industry data from companies of a similar growth stage. This range reflects minimum and maximum new hire salaries for the role in San Francisco county. Within this range, individual pay is determined by location and individual factors including relevant skills, experience and education or training. This range correlates to the relative level of the candidate we believe we need for the role and may require an adjustment for candidates of a different level.Your recruiter can share more about the specific salary range for the location this role is based during the hiring process.Life at SPANHeadquartered in San Francisco’s vibrant SoMa neighborhood, we are an eclectic group of creative thinkers who value open communication, teamwork, and a ‘make it happen’ approach to addressing complex challenges.SPAN embraces diversity and equal opportunity in a serious way. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills.We’re hiring talented individuals who are driven by success and are passionate about shaping the future of renewable energy. If that sounds like you, we’d love for you to consider joining the rapidly growing team at SPAN.The Perks:⚡ Competitive compensation + equity grants at a well-funded, venture-backed company⚡ Comprehensive benefits: 100% employee premiums for base plans on medical, dental, vision with options for additional coverage. Parental leave up to six (6) months depending on eligibility⚡ Comfortable, sunny office space located near BART and Caltrain public transit⚡ Strong focus on team building and company culture: Employee Resource Groups, monthly social events, SPANcakes recognition breakfast, lunch and learns⚡ Flexible hours, one holiday per month and unlimited PTOInterested in joining our team? Submit an application today and we’ll be in touch with next steps!Job posting details for Staff Application Security Engineer at Span in San Francisco. Compensation / salary range: $160,000 - $215,000, plus benefits and equity. ClimateTechList gathers 39,000+ job openings from over 1,799 climate tech companies and updates them daily.
SPAN Glassdoor Company Review
3.1 Glassdoor star iconGlassdoor star iconGlassdoor star icon Glassdoor star icon Glassdoor star icon
SPAN DE&I Review
No rating Glassdoor star iconGlassdoor star iconGlassdoor star iconGlassdoor star iconGlassdoor star icon
CEO of SPAN
SPAN CEO photo
Arch Rao
Approve of CEO

SPAN is a startup that operates in the energy sector, founded by Arch Rao in 2018. We offer innovative solutions and develops products to enable the rapid adoption of renewable energy and deliver an intuitive interface for the home.

62 jobs
MATCH
Calculating your matching score...
BADGES
Badge ChangemakerBadge Family FriendlyBadge InnovatorBadge Work&Life Balance
FUNDING
SENIORITY LEVEL REQUIREMENT
TEAM SIZE
EMPLOYMENT TYPE
Full-time, on-site
DATE POSTED
August 13, 2024

Subscribe to Rise newsletter

Risa star 🔮 Hi, I'm Risa! Your AI
Career Copilot
Want to see a list of jobs tailored to
you, just ask me below!
Other jobs
Company
Clearway Energy Hybrid Scottsdale, Arizona, United States
Posted 6 months ago
Company
SPAN Hybrid San Francisco
Posted last month