Application Security

last updated July 11, 2021 1:16 UTC

Auth0

HQ: Remote

more jobs in this category:

  • -> Transcriptionist @ Literably
  • -> Remote Freelance Writers for Entry-Level Blogging Work @ We Write Blog Posts
  • -> English Transcript Editor @ 3Play Media
  • -> Data Entry Operator @ Tower Health
  • -> Data Entry specialist @ RMJ4U

Auth0 provides a secure, highly available, enterprise-grade platform that secures billions of log-ins every year. The company makes it easy to implement even the most complex identity solutions for their web, mobile, IoT and internal applications, as well as sophisticated identity management for employees, customers and partners. Auth0 has raised over $54 million from Meritech Capital, NTT DoCoMo, Trinity Ventures, Bessemer Venture Partners, K9 Ventures, Silicon Valley Bank, Founders Co-Op, Portland Seed Fund and NXTP Labs.

Thousands of enterprises and millions of users worldwide depend on Auth0 for authentication and authorization of their most mission-critical apps, APIs and IoT devices. Auth0’s top priorities are availability and security.

We are looking for an Application Security Engineer to join us in keeping Auth0 and our customers data safe. Our engineering team builds web apps, mobile apps, and APIs, and we have customers in just about every industry. This creates many interesting use cases that we need to support while maintaining security.

Our App Sec Engineers work closely with our our product teams – reviewing apps and building tools to make their work as frictionless and secure as possible.

Responsibilities

  • Conduct web application security testing

  • Triage vulnerabilities and communicate the impact to our engineers

  • Support our Engineers through our Secure Software Development Lifecycle – with guidance and tooling

  • Build security controls and instrumentation around and in our code

  • Automate security testing

  • Threat modeling of new and existing features

  • Educate and influence our engineering teams

Requirements

  • Experience working as an Application Security Engineer or a developer of a security product

  • Experience with application test methodologies and tooling

  • Experience with at least one programming language

  • Understanding of common vulnerabilities in web and mobile applications (OWASP Top 10)

  • Excellent communication skills

Extra points

  • Experience with popular threat modeling systems

  • Experience with static analysis

  • Experience with fuzzing applications and protocols

  • Experience with authentication protocols (e.g. SAML, OAuth etc)

Examples of our Engineering Culture

  • auth0.engineering/

  • auth0.engineering/cloud-security-monitoring-at-auth0-part-ii-b106354a0e5d

  • https://auth0.engineering/detecting-secrets-in-source-code-bd63b0fe4921

Shopping Cart
There are no products in the cart!
Total
 0.00
Checkout
0