GlossGenius is building an ecosystem enabling entrepreneurs to succeed. We empower small business owners to focus on being creators, not admins, by offering a range of business management tools including booking and scheduling, marketing, analytics, payment processing and much more. Over 100,000 small business owners have chosen to rely on GlossGenius every day to run their entire set of business operations. Joining its powerful, intuitive platform with its vibrant, distinguished brand, GlossGenius is the ideal combination of a fintech, SMB software, and consumer company all in one. About the Role We are hiring a Senior Application Security Engineer to join our Foundations Engineering team at GlossGenius. In this role, you'll play a critical role in shaping the security of our entire product portfolio. This is a high-visibility position where you'll act as a frontline security voice for our engineering and product teams. You’ll work closely with engineers and product managers to ensure security is a core part of how we build, from the very first design discussions. What You’ll Do: Design Review: You\'ll act as the initial security point of contact for engineering and product teams. You will conduct security-focused architectural reviews and threat modeling to identify and address vulnerabilities, working directly with development teams to find and fix issues. Policy & Process Adjustments: You will contribute to the development of our security policies and standards. This includes creating secure coding guidelines, building automated tools to prevent common security issues, and collaborating with development teams to embed security into CI/CD pipelines. Vulnerability Management: Own our end-to-end vulnerability management program. This includes deploying scanning tools across our engineering organization, triaging security vulnerabilities, and supporting the ongoing development of the program\'s tools and processes to prevent common security issues. Vendor Evaluation: Help improve our security program by evaluating new security vendors. This includes running evaluations, coordinating demos, piloting tools internally, and making recommendations on which solutions best fit our needs. What We’re Looking For: 5+ years of experience in application or product security roles, preferably in high-growth, cloud-native environments Strong ability to collaborate effectively with software development teams Experience performing architecture reviews/threat models for custom software Excellent communication skills, both written and verbal, with the ability to clearly explain complex topics. Familiarity with common security libraries and tools, such as static analysis and penetration testing tools. Understanding of common security vulnerabilities and mitigation strategies (e.g., OWASP Top 10). Basic development or scripting skills. Fundamental knowledge of network and web protocols (e.g., TCP/IP, HTTP, HTTPS). Willingness to participate in on-call rotations as needed. A proactive approach to managing projects from start to finish with a focus on outcomes. Flexible PTO Competitive health & dental insurance options, with premiums partially or fully covered by GG Fertility and adoption benefits via Carrot Generous, fully-paid parental leave policy 401k benefit - employees are eligible to contribute starting day 1 of employment Professional Development - employees receive a yearly stipend for approved learning and educational-related expenses Dependent Care FSA Home office support Team Bonding opportunities - as a distributed team, being able to build meaningful bonds both virtually and in person is incredibly important to us! We are constantly evaluating how we accomplish this and currently, teams are given opportunities to gather in person throughout the year The starting base salary for this role in New York and California is between $180,000-$230,000+ target equity + benefits. The base salary offered is dependent upon many factors including skills, experience, location, and education. The base pay range is subject to change and may be modified in the future. Additionally, this role is currently eligible to participate in GlossGenius’s equity plan as well as a range of health & wellbeing, retirement savings, and other benefits within our total rewards offering. At GlossGenius, we celebrate our differences and are committed to creating a workplace where all employees feel supported and empowered to do their best work. We believe this benefits not only our employees but our product, customers, and community as well. GlossGenius is proud to be an Equal Opportunity and Affirmative Action Employer. Agency Submissions If a resume or applicant is submitted to GlossGenius by a third party without a signed search agreement in place, it will become the property of GlossGenius and no fee will be paid, irrespective of whether the candidate is hired. Apply for this job * indicates a required field First Name * Last Name * Email * Phone Country Phone Resume/CV * Enter manually Accepted file types: pdf, doc, docx, txt, rtf Enter manually Accepted file types: pdf, doc, docx, txt, rtf LinkedIn Profile Website What programming languages are you proficient in? * Are you able to work in the locations described in the job description or are willing to relocate to one of those areas? * Select... Are you legally authorized to work in the US? * Select... Do you now or will you in the future require sponsorship for work authorization in the US? * Select... We’re a high-growth startup looking to work with ambitious people with a history of exceptional performance. In two paragraphs or less, please share a specific example where you went above and beyond. *

#J-18808-Ljbffr