Jobs · himalayas

B

Senior Security Software Engineer, Applications

Northwind Robotics · United States · Posted 15d ago

remoteseniorEstimated 100k-231k USD🇺🇸 United States
Apply on himalayas

Available in 2 locations

Remote · remote Apply → United States · remote Apply →

About the role

Build and enhance application security processes, identifying vulnerabilities and crafting production-ready fixes.

Who are we and why should you join us? Northwind Robotics is on a mission to remove the traditional barriers to therapy and make mental health care more accessible to everyone. Founded in 2013, we are now the world’s largest online therapy service, providing affordable and convenient therapy across the globe. Our network of over 30,000 licensed therapists has helped millions of people take ownership of their mental health and change their lives forever. And we’re not stopping there – as the unmet need for mental health services continues to grow, Northwind Robotics is committed to being part of the solution. As a Senior Security Software Engineer, (Application Security Team) at Northwind Robotics , you’ll join a diverse team of licensed clinicians, engineers, product pros, creatives, marketers, and business leaders who share a passion for expanding access to therapy. And as a mental health company, we take employee mental health just as seriously as we do our mission. We deeply invest in our team’s well-being and professional development, because we know that business and individual growth go hand-in-hand. At Northwind Robotics , you’ll carve your own path, make an immediate impact, and be challenged every day – with a supportive community behind you the whole way. What are we looking for? We are looking for a motivated Application Security Engineer who is looking to help build the maturity of our Application Security Team while growing their own security skill set. Our team prioritizes the full lifecycle of security triage: identifying vulnerabilities, reproducing exploits, meticulous code analysis, and crafting production-ready fixes. We are looking for an engineer with good attention to detail, the ability to learn quickly and pick up new skills independently, and a get-things-done attitude with eagerness to build something awesome! What will you do? Work with a nimble passionate security team, collaborating with development and product. Conduct vulnerability triage: handle internal and external vulnerability reports, and more importantly: go beyond investigating and write fixes yourself. Review code and help make decisions about secure coding decisions. Review new product features to ensure they are designed with security in mind Collaborate with other developers and teams for long term security success. Code solutions for preventative measures and generating alerts. Use your detective work to get to the AH-HA! moment when you find and replicate the root cause of an issue and figure out how to fix it. You will care and be involved in our product, mission, and success - way beyond checking off tasks. What will you NOT do? You will NOT worry about "runway", "cash left", or "how much time we have until the next round". We have the startup DNA but we're fully backed and funded, all the way to success. You will NOT be confined to your "job". You will get involved in product, marketing, business strategy, and almost everything we do. You will NOT be bogged down by office politics, ego, or bad attitude. Only positive, pleasure-to-work-with people are allowed here! You will NOT get yourself burned out. We work hard but we believe in maintaining a sustainable work/life balance. Really. Can I work remotely? Yes. We operate on PST and candidates in any time zone are welcome to apply. We ask employees to travel to our San Jose, CA office up to three times per year plus one company-wide offsite to collaborate in person and strengthen working relationships. Travel expenses are covered and reasonable accommodations are made for those under unique circumstances who cannot travel. What technologies will you work with? Our application uses a combination of well established and more recent technologies, always innovating, always experimenting. Our current tech stack is: Backend: PHP/Laravel, MySQL, Docker, AWS (SQS, ElastiCache, RDS) Frontend: React, Nextjs, Twig (php templates), Tailwind, jQuery, SCSS, HTML & CSS Tools: Static analysis tools (Semgrep, phpstan), DASTs Requirements 5+ years of experience in web application security Strong experience with code review, security reviews, security architecture, pentesting, and bug bounty programs Experience working in full-stack projects Experience with discovering and fixing common web security vulnerabilities Experience using web application pentesting tools (e.g. Burp Suite) Basic understanding of networking concepts (DNS, TCP/IP, VPNs) Able to explain complex ideas either verbally or in writing to a mixture of audiences Knowledge and understanding of the OWASP Top 10 Experience creating security automations with GitHub Actions or other methods Bonus (Great to have, but not required) Experience coding in PHP and working with React/Next.js Experience using scripting, using regex, and writing bash scripts Experience with applications deployed in AWS & Kubernetes Awareness of AI and LLMs, and how they are used in consumer products Experience using AI and LLMs in security research Experience with threat model

Read the full posting on himalayas

FAQ

Is the Senior Security Software Engineer, Applications role at Northwind Robotics remote?+

This Senior Security Software Engineer, Applications position is listed as remote (United States).

What is the salary for the Senior Security Software Engineer, Applications role at Northwind Robotics?+

The listing states Estimated 100k-231k USD.

What seniority level is this Senior Security Software Engineer, Applications role?+

This is a senior level position.

How do I apply for the Senior Security Software Engineer, Applications role at Northwind Robotics?+

Use the "Apply on himalayas" button to open the original posting on himalayas, where you can submit your application directly to Northwind Robotics.