Location: Remote US, Seattle, San Francisco
Job Posted: 2 years, 1 month ago
What You’ll Do
As a Security Engineer, you'll join a team of talented security engineers working to reduce risk across the company. We work with engineering and product teams to provide security expertise during each phase of the SDLC and take a leadership role in driving security initiatives. We identify recurring classes of security problems, find the root cause, and develop generalized and creative solutions to reduce the occurrence of application vulnerabilities at scale. We strive to advocate and teach security to engineers. Additionally, we assist with third-party security assessments and operate Twitter’s bug bounty program.
Who You Are
The ideal individual has both application security expertise and development experience. They have in-depth knowledge of application security and can identify potential risks in designs, code, or in deployed applications. They should also have experience with threat modeling, security reviews, pen-testing and providing security guidance to development teams. They recognize the importance of building security solutions that scale both technically and organizationally, and adapt to changing business requirements. They enjoy advocating security by writing, giving talks, or hosting educational sessions for developers.
You will meet most (but need not meet all) of the following points:
Who We Are
The Application Security (AppSec) team is a blend of security engineers and security-focused software engineers helping ensure Twitter builds and maintains secure software. In addition, we conduct security assessments, provide guidance, develop tooling, and advocate and train engineers throughout the systems development lifecycle (SDLC) to ensure security is prioritized at each step of development. Diversity makes us a better organization and team. We value diverse backgrounds, ideas, and experiences.