One stop solution to your remote job hunt!

By signing up you get access to highly customizable remote jobs newsletter, An app which helps you in your job hunt by providing you all the necessary tools.

OR
Subscribe to our highly customizable newsletter to get remote jobs from top remote job boards delivered to your inbox.
MURAL.co over 1 year ago
location: remoteus
Apply Now

Title: Application Security Engineer

Location: Remote

Mural’s mission is to inspire teams to connect and innovate, while bringing purpose and intention to the craft of collaboration.

Founded in 2011, Mural is a leading innovator in visual collaboration for hybrid, remote, and distributed teams. We believe in what we build, and our team of more than 600 Muralistas around the world collaborate in the Mural app. Our values guide our intentionally inclusive product and culture, which includes collaboration design education and a flexible monthly stipend for learning, wellness, and coworking.

Mural has raised $200M to date and is growing rapidly to fulfill our mission. The company is trusted by 95% of the Fortune 100, including innovative teams at IBM, Intuit, GitLab, Microsoft, and Atlassian.

THE TEAM

The product security team plays a vital role in identifying and mitigating risks within the Mural product as well as partnering with other engineering teams to recommend product features that enhance security for our customers.

YOUR MISSION

As an Application Security Engineer, your role will involve executing the MURAL product security strategy. You will triage and validate public bug bounty submissions, as well as implement SAST test cases in the CI workflow. Collaborating closely with developers, you will work to expand security testing coverage and participate in security reviews of MURAL product features. Additionally, you will play a crucial role in educating and promoting secure coding best practices.

WHAT YOU’LL DO

The top candidate will bring experience working with small to medium, high growth, global tech companies:

  • Fair understanding of Linux, Networking, and Cryptography fundamentals
  • Experience finding vulnerabilities in web applications
  • Ability to understand the attacker’s perspective
  • Prior experience in vulnerability management with SAST/DAST automation
  • Ability to read code in TypeScript/JavaScript
  • Familiarity with NoSQL and its associated pitfalls
  • Ability to code quick scripts / automations
  • Excellent command of English, both written and verbal

WHAT YOU’LL BRING

  • Understanding of web application and mobile application security risks
  • Software development experience with Node.JS or other frameworks like React, Angular, etc.
  • Experience with MongoDB, Ruby, and/or Python
  • Fair understanding of Linux, Networking, and Cryptography fundamentals
  • Experience with CI/CD pipelines

If you have participated in public or private Bug Bounty programs, or have any other open source or community contributions, presentations, or blog posts in the security space, please share it with us!

Equal Opportunity

We will ensure that iniduals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.