Senior Application Security Engineer
We’re looking for a Senior Application Security Engineer to join our team. As part of a Wealthfront security, you will play a key role in ensuring our clients’ trust and safety while using our services. We are looking for someone who has a mixture of technical ability and attention to detail, and who can function in a combination of offensive and defensive capabilities. This person should be passionate about Application Security, and be capable of designing creative approaches to provide effective product security at scale.
Expectations and Responsibilities:
- Develop and support the Wealthfront Secure Software Development Lifecycle.
- Serve as an Application Security subject matter expert through design reviews, threat modeling, code reviews, and pentesting.
- Collaborate with and advise our partner engineering teams on application security best practices and lead the effort towards vulnerability remediation.
- Maintain, implement, and own various security tools and dashboards.
- Plan for, scope, and kick-off internal and third party penetration programs in accordance with our compliance needs.
- Foster deep relationships with our Engineering teams to ensure we are effectively monitoring our application and infrastructure.
- Perform deep-dive security reviews to ensure Wealthfront’s services follow secure design principles across our product portfolio.
- Keep yourself and the engineering organization up-to-date with latest security trends and vulnerabilities.
What We're Looking For:
- 3+ years in most recent role focused on application/product security.
- 5+ years prior in a Software Development or Security Engineering role for client facing companies
- Strong background in development and scripting (Python, C++, Java, Javascript)
- Familiarity with security testing tools such as Burp Suite, Nikto, OpenVAS/Qualys, and Metasploit
- Ability to perform design reviews, conduct threat modeling, and run pentests with an attacker’s mindset
- Deep familiarity with application security best practices, and familiarity with common vulnerabilities (OWASP top 10, SSRF, race conditions, privilege escalations, etc.)
Bonus Points:
- Participates in CTFs or actively contributes to the security community (e.g. exploitation development, blogging, maintaining/publishing security tools)
- Experience with mobile specific security, privacy, and permission concepts for iOS and Android (WebViews, TouchID/FaceID API, etc.)
- Experience conducting and participating in tabletop exercises, as well as red/purple team activities
Estimated annual salary range: $160,000 - $185,000 USD plus Equity.
Plus benefits include medical, vision, dental, 401K plan, generous time off, parental leave, wellness reimbursements, professional development, employee investing discount, and more!
Everyone across the financial spectrum deserves to live secure and rewarding lives. In order to successfully serve clients across the United States, the Wealthfront team is focused on hiring team members with a diverse range of backgrounds, experiences and perspectives. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
About Wealthfront
Wealthfront started with the ambition to transform the investment advisory business, with the goal to unlock access to high quality investment advice for millions who were underserved by the traditional institutions. We built the first automated investment product that allows you to invest in a personalized portfolio of thousands of companies in seconds for a remarkably low fee; we then expanded into banking which made it remarkably easy for people to automate their finances end-to-end and eliminated the hassle of money management, all of which resulted in attracting more than $27 billion of our client’s hard earned savings, created the robo-advisor category and transformed the broader industry. And yet, we have a long way to go to achieve our mission to build a financial system that favors people, not institutions.
Wealthfront’s vision is to make it delightfully easy to build long-term wealth on your own terms. This vision is more relevant than ever because millions more people are getting into the market early and investing their hard earned savings in a handful of stocks. While this is a great way to start, it is inconsistent with building long-term wealth. We want to empower young investors to expand their horizon, and easily explore and execute on a wider range of investing strategies, make informed investment decisions that are consistent with their values and beliefs while also making it effortless to grow and compound their savings exponentially, that’s transformational to their lives and their long-term future.
Please review our candidate privacy notice