Application Security Engineer

San Francisco

Roostify is a market leader in the digital mortgage space. We have a need to grow our information security team and are looking to hire an engineer focused on application security.  We are willing to train if you don’t meet all the requirements.

WHAT YOU'LL BE DOING

  • Review merge requests from software developers to proactively address security concerns before changes are merged to master
  • Validate and address findings from static analysis tools
  • Perform routine internal penetration testing
  • Develop and evangelize secure programming standards
  • Conduct periodic internal software security audits
  • Validate, address, and document responses to security findings from third-party penetration testing engagements
  • Organize routine audit procedures

CANDIDATE REQUIREMENTS

  • 2+ years as a software developer (Ruby on Rails experience is a plus)
  • Proficiency in MVC software frameworks
  • Comprehension of the OWASP Top 10 and similar standard vulnerabilities
  • Good verbal and written communication skills

Please list the job you're interested in as the subject line, and tell us why you want to join Roostify. Be sure to include a resume or similar document that can quickly outline your relevant experiences.