Sr Application Security Engineer (Remote)

ABOUT US: Braintrust is the only network that gives in-demand talent all the freedom of freelance with all the benefits, community and stability of a full-time role. As the first decentralized talent network, our revolutionary Web3 model ensures the community that relies on Braintrust to find work are the same people who own and build it through the blockchain token, BTRST. So unlike other marketplaces that take 20% to 50% of talent earnings, Braintrust allows talent to keep 100% of earnings and to vote on key changes to improve the network. Braintrust is working to change the way freelance works – for good. JOB TYPE: Freelance, Contract Position (no agencies/C2C - see notes below) LOCATION: Remote - United States only (TimeZone: PST/CIST | Full day overlap) HOURLY RANGE: Our client is looking to pay $110 – $116/hr ESTIMATED DURATION: 40h/week - Long-term THE OPPORTUNITY Our client is looking for a Senior Application Security Engineer with extensive product security experience and deep expertise in web security, applied cryptography, software security vulnerabilities, knowledge of IAM solutions including federation as well as superb knowledge of software security standards/best practices to join their team. They take security very seriously, and protecting their customers is their highest priority. If you are a self-starter who is passionate about security and is excited to work in a highly collaborative environment alongside a diverse team of experts every day, this position is for you. You will be the technical subject matter expert for multiple areas of application and product security. You will be responsible for performing design reviews, technical security assessments, and code reviews to highlight risk and help engineering teams improve the overall security of their products. You will be a security leader within the company, gaining a solid understanding of their products and systems, and ensuring that security is built in. This position requires both deep and broad technical knowledge across a range of disciplines, and the ability to work hands-on across a wide variety of software designs and technology stacks. In addition to having strong technical skills, you must be comfortable in effectively communicating with business end users, technical IT teams, business partners, network providers, and business process outsourced vendors, all while being sensitive to a wide diversity of cultural and technical backgrounds in a global business environment. This is a senior position, experience in the application security space with an identity focus is key Requirements Essential: Developing and implementing advanced security techniques according to the technical architecture of their firm Performing regular security testing as well as code reviews for improving the software security Troubleshooting and debugging issues as soon as they arise Maintaining technical documentation related to software security Providing engineering designs to mitigate security vulnerabilities in new software solutions Ensuring software security at all levels of architecture Staying updated with the latest tools and advanced industry practices for software security Desirable: BS/MS degree in Computer Science, Engineering, or a related subject Demonstrated excellent technical writing skills and project/program management experience Multiple language skills are a plus. Education BS/MS degree in Computer Science, Engineering, or a related subject What you’ll be working on Serve as a primary technical security resource for all product development. Perform design reviews and technical security assessments to highlight risk and help engineering teams improve the overall security of our products. Design and implement security best practices and standards across varied engineering teams and environments. Implement and conduct code reviews with a combination of static testing, manual reviews, and dynamic analysis / pen-testing. Conduct threat modeling, identify & drive risk decisions, and influence technical designs and architectures. Engage with developers to provide remediation support. Perform security reviews of new services and features. Build tools to simplify and automate Vulnerability Management processes Providing engineering designs to mitigate security vulnerabilities in new software solutions. Design and implement tooling and automation for application security (e.g. SAST/DAST in CI/CD) Performing regular security testing as well as code reviews for improving the software security Maintaining technical documentation related to software security. Ensuring software security at all levels of architecture Staying updated with the latest tools and advanced industry practices for software security. Advocate for security culture and educate colleagues across all parts of UMG. Apply Now!