Senior Application Security Engineer
THE ROLE:
We’re building a security program from the ground up, in collaboration with related teams like SRE and Data Engineering. We believe in shifting left and incorporating security thinking into the earliest stages of project planning. We want to automate toil and give application engineers tools to self-serve. If this sounds like your philosophy, please consider applying today!
WHO WE ARE:
We are a producers playground, delivering music creators the tools they need to bring their ideas to life. With a massive, industry-leading catalog of licensed samples, paired with powerful AI, and access to affordable plugins and DAWS, Splice kicks sound discovery, inspiration, and creative output into overdrive.
HOW WE WORK:
At Splice, DISCO is a rallying cry for collaboration, accountability and unity within our organization; Direct, Inclusive, Splice Together, Creator Centric and Optimistic. Our shared success depends on our ability to support one another, work well together and communicate directly. By embracing flexibility and a unified approach, we can navigate anything that’s thrown at us.
Splice embraces a culture of remote work. You’ll see your colleagues showing up from across the US and the UK. In order to keep us working well as a team, we have regular communication, including Town Halls, departmental All Hands and get-togethers.
When you join Splice, you join a network of colleagues, peers, and collaborators. Are you ready?
WHAT YOU’LL DO:
- Design, implement, and evolve application security strategy to support business needs
- Manage third-party security software, particularly in the context of CI/CD
- Build custom security tooling as needed to augment third party solutions
- Collaborate with and mentor application engineers on security practices
- Partner with SRE team on CI/CD and incident response
- Collaborate with Data Engineering on concerns including privacy and user data
- Coordinate penetration tests with external vendors
- Author and maintain internal security policy
JOB REQUIREMENTS:
- Deep knowledge of security best practices and procedures (secrets management, threat modeling, principle of least privilege, etc.)
- 5+ years experience writing software using modern languages like Go, TypeScript/JavaScript, etc.
- Understanding of application security concerns like XSS, CSRF, etc.
- Experience with CI tools such as GitHub Actions, Jenkins, CodeBuild
- Experience working in a Kanban/Scrum/Agile development environment
- 5+ years prior working experience in an Application Security (AppSec) engineering role
In accordance with New York law, the salary range for this role if filled within New York is $175,000 - $200,000.
Splice is an Equal Opportunity Employer
Splice provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.