

Staff Application Security Engineer

HoneyBook
HoneyBook is seeking a Staff Application Security Engineer to join their IT and Security team. This role focuses on enhancing application security by collaborating with engineering teams, managing security tools, and promoting secure software development practices. HoneyBook is an AI-powered business management platform that supports service-based business owners.
Qualifications
- Hands-on experience in application security and secure software development practices.
- Strong understanding of threat modeling and security assessments.
- Experience with managing security tools and bug bounty programs.
- Ability to collaborate effectively with engineering teams.
- Knowledge of cloud-based applications and emerging technologies.
Responsibilities
- Collaborate directly with engineering teams to define remediation strategies, track implementation, and validate security fixes across the application stack.
- Design, implement, and drive Secure Software Development Lifecycle (SSDLC) practices across the company, including security design reviews and threat modeling.
- Conduct threat modeling, architecture reviews, and security assessments of cloud-based applications and services.
- Manage HoneyBook’s bug bounty program, validating reports and coordinating response and resolution.
- Own and operate a suite of AppSec tools including SAST, ASPM, and other security scanners, triaging findings and guiding engineering toward resolution.



