Application Security Engineer

San Francisco

Roostify is a market leader in the digital mortgage space. We have a need to grow our information security team and are looking to hire an engineer focused on application security.  We are willing to train if you don’t meet all the requirements.


  • Review merge requests from software developers to proactively address security concerns before changes are merged to master
  • Validate and address findings from static analysis tools
  • Perform routine internal penetration testing
  • Develop and evangelize secure programming standards
  • Conduct periodic internal software security audits
  • Validate, address, and document responses to security findings from third-party penetration testing engagements
  • Organize routine audit procedures


  • 2+ years as a software developer (Ruby on Rails experience is a plus)
  • Proficiency in MVC software frameworks
  • Comprehension of the OWASP Top 10 and similar standard vulnerabilities
  • Good verbal and written communication skills

Please list the job you're interested in as the subject line, and tell us why you want to join Roostify. Be sure to include a resume or similar document that can quickly outline your relevant experiences.