<p>Our Oakland client is seeking a hands-on Senior Application Security Engineer to bridge application security and development teams. This is an opportunity to drive foundational application security work, working directly with developers to ensure secure software delivery across the organization.</p><p> </p><p>This is a contract role to start, and is 100% remote.</p><p> </p><p><strong>Key Responsibilities:</strong></p><p> </p><p>Bug Bounty / Ethical Hacker Program Management (Bugcrowd):</p><ul><li>Own daily management of our Bugcrowd program</li><li>Review and triage incoming vulnerability findings</li><li>Work with ethical hackers and engineers on issue resolution</li><li>Explain vulnerabilities and provide clear remediation guidance—understand not just what’s wrong, but how to fix it</li></ul><p> </p><p>Secure Software Development Lifecycle (Secure SDLC):</p><ul><li>Help design and mature our secure SDLC program (security is early in the journey here)</li><li>Partner with developers to integrate security testing early in the process</li><li>Perform and coordinate hands-on security testing prior to production releases</li><li>Identify and remediate vulnerabilities before deployment</li></ul><p> </p><p>Code Scanning & Tooling (Snyk):</p><ul><li>Manage and interpret findings from Snyk across code repositories</li><li>Review, validate, and prioritize vulnerabilities, supporting developers to distinguish real issues from false positives</li><li>Provide actionable, clear guidance for remediations</li></ul><p> </p><p>Social Account Security Oversight:</p><ul><li>Oversee security for company social media and brand accounts</li><li>Enforce MFA, SSO, and leverage Survey as a tool for access management</li></ul><p><br></p>
