Clash
of Jobs
Browse All Jobs
Job Description
Webflow is seeking a Staff Application Security Engineer to enhance its secure development practices. This role involves collaborating with the engineering team to secure Webflow’s web application platform and ecosystem. The Staff Application Security Engineer will champion security standards, support compliance frameworks, and identify vulnerabilities. They will also contribute to code and architecture improvements and mentor other application security engineers.
Role involves:
- Collaborating with the Webflow engineering team to secure Webflow’s web application platform and ecosystem.
- Bringing security best practices to the software development lifecycle.
- Championing security standards while balancing business strategies and requirements.
- Supporting Webflow’s security current and future compliance frameworks.
- Finding security vulnerabilities through grey-box techniques and proposing solutions.
- Contributing code and architecture improvements to enable security.
- Cross-training entry and mid-level application security engineers.
Requirements:
- 7+ years of experience in application security, including 2+ years of software development focused on security.
- Passion for security and eagerness to learn.
- Expertise in secure software design, secure coding, and web application security.
- Experience with Threat Modeling, penetration testing, and identifying high-complexity application vulnerabilities.
- Experience with software supply chain security and bug bounty programs.
- Experience implementing and improving secure development lifecycle (SDLC) processes.
- Experience leading complex security projects and mentoring other application security engineers.
Webflow offers:
- Equity ownership (RSUs)
- 100% employer-paid healthcare, vision, and dental insurance
- Flexible PTO and sabbatical program
- Monthly stipends to support work and wellness
- 401k plan
