Location: Remote, US
Employment Type: Regular
Team: Community
We are seeking an Application Security Engineer to work in our growing
information security team.
In this role you will work in a cloud-native AWS environment, helping to
maintain our security program’s alignment with our culture and reduce business
risk by protecting system boundaries and corporate data. In addition, you'll
develop practices and libraries to cultivate secure SDLCs, documenting
security events and processes, and you'll actively participate in an evolving
incident response lifecycle.
What You'll Do
- Provide code review across all platforms and consultation to developers to ensure appropriate processes and considerations are integrated in SDLCs (topics can cover authentication, authorization, encryption, logging, and more).
- Ownership of discovering security vulnerabilities and developing mitigation plans and tooling (including libraries and frameworks).
- Function as a subject matter expert for security solutions within the organization’s platform.
- Document processes, procedures, and events as needed, including assessment-based findings, outcomes, and propositions for further system security enhancements.
- Develop technical solutions and new security tools to mitigate security vulnerabilities.
- Communicate and respond with the technical and management teams during security incidents.
- Assist in triage for our bug bounty program.
- Execute incident response lifecycle processes.
- Research and test additional security processes and products.
- Stay current with new threats and exploits and assist in adjusting the company's security posture accordingly.
What We're Looking For
- Passion for information security and learning.
- At least 3 years of cybersecurity experience.
- Experience with application security tooling and processes, including code review, static code analysis, penetration testing, risk management, etc.
- An understanding of best practices and how to implement them at a business-wide level.
- Experience planning, researching and developing security standards and procedures.
- Strong programming/scripting skills (Python, Golang, Swift, and/or Kotlin strongly desirable.)
- Familiarity with AWS and web-related technologies (strongly desirable.)
- Familiarity with Kubernetes and related orchestration technologies.
Our Company:
Hinge is the dating app designed to be deleted. In today’s digital world,
singles are so focused on sending likes and looking through profiles that
they’re not actually building meaningful connections and going on dates. Hinge
is on a mission to change that by designing the most effective app experience.
On Hinge, there are no rules, timers, or games. Instead, you’ll have unique
conversations over the text, photos, and audio you’ve shared on your profile.
And it’s resonating with daters. Hinge was the fastest-growing dating app in
the US, UK, Canada and Australia in 2019 and 2020.
Our Culture:
- Authenticity: Share your genuine thoughts and opinions directly.
- Courage: Invite and deeply consider challenges and criticism.
- Empathy: Be empathetic, communitarian and trustworthy.
We are an equal opportunity employer and value diversity at our company. We do
not discriminate on the basis of race, religion, color, national origin,
gender, sexual orientation, age, marital status, veteran status, or disability
status.