• We collaborated closely with our engineering organization to deliver an amazing training that developers actually wanted to take.
• We’re building out tooling that will help us manage and eventually eliminate the overhead of vulnerable dependencies in our applications.
• We’ve making the OWASP ZAP more usable for non-security folk by building a Heads Up Display for it.
• We're building a system to identify, classify, and track sensitive data within our infrastructure in real time.
• We’ve built tooling to help eliminate the usage of credentials within source code or config files.

• You have a solid understanding of software security principles
• You can write maintainable software to solve security problems
• You can break down complex security problems into measurable and solvable pieces
• You have 2+ years of software security engineering experience or some cool projects on GitHub you think we'll love to check out

Bonus:

• You have familiarity with AWS, Docker, Golang, Node.js - huge plus
• Any official or non-official red team experience
• You’re involved in the InfoSec community. Our team helps organize the OWASP SF chapter and the AppSec California, B-Sides SF, and Day of Shecurity conferences.
•