Related keywords: devops remote jobremote job java developerremote job web developer
This page contains product affiliate links.
Prosper is currently seeking a Senior Application Security Engineer to enhance its security team and play a crucial role in mitigating security risks across the software development lifecycle (SDLC). This position is essential for aligning security practices with engineering, product, and DevOps teams to ensure security is embedded from design to deployment.
As a Senior Application Security Engineer at Prosper, you will work closely with cross-functional teams to address various security challenges. Key responsibilities include:
Partnering with engineering and product teams to define and implement security requirements for applications, APIs, and microservices during design and architecture reviews.
Conducting in-house penetration testing, secure code reviews, and threat modeling for high-impact features and critical products.
Leading application vulnerability management, which involves triaging and driving the remediation of security findings from tools such as SAST, DAST, SCA, and penetration tests.
Consulting with and advising cross-functional teams on secure coding practices, security architecture, and effective remediation strategies.
Establishing and maintaining application security standards, guidelines, and best practices, ensuring alignment with industry frameworks such as OWASP, NIST, and ISO.
Working closely with DevSecOps teams to ensure security tools are integrated into Continuous Integration/Continuous Deployment (CI/CD) pipelines, maintaining their functionality.
Staying informed about emerging security threats, vulnerabilities, tools, and methodologies to continuously improve the company’s security posture.
To succeed in this role, candidates should possess the following qualifications:
A Bachelor’s degree in Computer Science, Information Security, or a related field, with at least 8 years of professional experience. Alternatively, candidates with a Master’s degree and 6+ years of experience will also be considered.
Strong hands-on experience in application security, secure coding, and penetration testing.
A development background, showcasing expertise in programming languages such as Java, Python, SQL, JavaScript, and HTML.
Familiarity with modern web application frameworks such as Spring Boot, .NET, J2EE, and REST APIs.
A solid understanding of web and API security vulnerabilities, especially the OWASP Top 10 and API Top 10 vulnerabilities.
Knowledge of application security testing tools including SAST, DAST, SCA, and IAST, as well as experience with integrating security into DevOps pipelines.
Awareness of various regulatory frameworks like PCI DSS, GDPR, and SOC 2.
Candidates with the following will have an advantage:
Certifications such as OSCP, CSSLP, GWAPT, CEH, GPEN, or CISSP.
Familiarity with cloud security aspects, specifically AWS, GCP, Azure, along with container security technologies like Docker and Kubernetes.
Experience in delivering secure SDLC initiatives and promoting developer security education.
In addition to a competitive salary, Prosper offers several benefits aimed at promoting a healthy work-life balance:
Flexible time off and a robust health coverage plan.
Paid parental leave, wellness benefits, and access to mental health resources.
Additional perks include a Udemy access for learning, childcare assistance, pet insurance discounts, legal assistance, and more.
Founded in 2005, Prosper is a pioneering fintech company that connects borrowers with investors in a peer-to-peer marketplace. They have originated over $27 billion in loans, significantly helping over 2 million individuals access affordable credit. The company is fundamentally driven by a mission to enhance the financial well-being of its customers through an array of products, including personal loans, credit lines, and home equity lines of credit.
Prosper values diversity and collaboration, fostering a culture where innovation thrives. Their commitment to accountability and teamwork ensures that employees can produce outstanding results while feeling respected and included.
The role is primarily based in the United States and follows the Pacific Time zone for working hours, emphasizing the importance of timely collaboration among teams. The company promotes an Agile development methodology, aiming to produce high-quality software solutions efficiently.
If you're passionate about securing applications and thrive in a supportive, innovative environment with a leading fintech firm, Prosper might just be your next career move! Consider applying to help shape the future of financial technology security.
This job offer was originally published on himalayas.app
This job offer summary has been generated using automated technology. While we strive for accuracy, it may not always fully capture the nuances and details of the original job posting. We recommend reviewing the complete job listing before making any decisions or applications.
