Abridge

Senior Application Security Engineer

Rol remoto de Security con fit claro de ubicación del candidato.

Publicado14 abr 2025

Países elegibles1 país aceptado

Señal de senioritySenior

Modelo de trabajoRemoto

Ubicaciones aceptadas para candidatos

Estados Unidos

Puedo aplicar realmente?Revisa la lista de países

Las ubicaciones aceptadas para candidatos están listadas (1).

Actualidad de la fuente14 abr 2025

Fit de ubicación1 país aceptado

Match de stackGCP, Kubernetes

Camino de aplicaciónSitio de la empresa

Resumen de fit de MiraPor qué vale revisar este rol

Fit de ubicación1 país aceptadoAgrega tu país

Match de stackAgrega skills al perfil para compararGCP, Kubernetes

Señal de senioritySeniorDefine tu nivel para una revisión más precisa.

Preparación para aplicarSitio de la empresaLa aplicación continúa en el sitio de la empresa.

Aplicación

Aplicar en el sitio de la empresa

Aplicación externa

Aplicando aSenior Application Security EngineerAbridge

Fit de país1 país aceptado

Camino de aplicaciónSitio de la empresa

WithMiraGuarda o suscríbete antes de salir

Aplicación de la empresa

WithMira mantiene este rol para descubrimiento. La aplicación continúa en el sitio de la empresa.

Resumen del rol

Contenido del rol extraído en secciones para revisar más rápido.

Lead Threat Modeling and Design Reviews: Impact the product from ideation through to code that is shipping to production. Conduct advanced threat modeling and security architecture reviews for complex systems, new products, and platform initiatives, providing expert guidance and requirements to meet Abridge’s security goals.
Define Security Strategy: Define and implement the technical roadmap for the Application Security program, focusing on scalable assurance, proactive security measures, and setting clear standards and guardrails.
Mentor and Enable: Act as a subject matter expert and trusted advisor to product and engineering teams, providing mentorship on security features, product defense, secure coding practices, application architecture, and vulnerability remediation strategies.
Conduct Training & Awareness: Develop training materials for engineers to build a foundation of security best practices across the engineering organization.

Code and Security Reviews: Perform and lead in-depth secure code reviews (both manual and tool-assisted) to identify complex security vulnerabilities and flaws, including logic and authorization vulnerabilities that automated tools often miss. Get hands on with assessing AI models, agents, and architectures.
Internal Penetration Testing: Lead internal penetration testing engagements for net new products and historical systems identify security risks across our environment.
Vulnerability Program Oversight: Design and enhance the end-to-end vulnerability management program for Abridge’s products and applications, ensuring timely identification, prioritization, and remediation of critical security issues while doing so in as developer-friendly a way as possible.
Security Incident Response: Serve as an expert on Abridge’s products and applications for the security incident response team, assisting in investigating and resolving security events and incidents.

Experience: 7+ years of direct experience in an Application Security role, with a demonstrated history of designing and implementing security improvements at scale.
Programming Fluency: Deep proficiency in one or more major programming languages (Python and NextJS a big plus) and a solid background in software development principles.
Cloud & Containers: Extensive experience securing applications deployed in Cloud environments (GCP a big plus) and knowledge of containerization technologies (Kubernetes).
Technical Depth: Expert-level knowledge of web application security techniques and principles, APIs, IAM (including identity, authentication/authorization, RBAC, ABAC), applied cryptography, etc.
AI Security: Deep understanding of the security of AI and ML models, agents, and associated systems.

Security Research: Proven experience contributing to or leveraging open-source security tools, publishing security research, managing bug bounty programs, and active engagement in the security industry.
Cross-Functional Influence: Demonstrated ability to drive large, cross-functional technical projects that impact security posture across the entire organization.
Data-Driven Security: Experience defining and utilizing security metrics to measure and report on the effectiveness of the AppSec program to both technical and executive audiences.

Generous Time Off: 14 paid holidays, flexible PTO for salaried employees, and accrued time off for hourly employees
Comprehensive Health Plans: Medical, Dental, and Vision coverage for all full-time employees and their families.
Generous HSA Contribution: If you choose a High Deductible Health Plan, Abridge makes monthly contributions to your HSA.
Paid Parental Leave: Generous paid parental leave for all full-time employees.
Family Forming Benefits: Resources and financial support to help you build your family.
401(k) Matching: Contribution matching to help invest in your future.
Personal Device Allowance: Tax free funds for personal device usage.
Pre-tax Benefits: Access to Flexible Spending Accounts (FSA) and Commuter Benefits.
Lifestyle Wallet: Monthly contributions for fitness, professional development, coworking, and more.
Mental Health Support: Dedicated access to therapy and coaching to help you reach your goals.
Sabbatical Leave: Paid Sabbatical Leave after 5 years of employment.
Compensation and Equity: Competitive compensation and equity grants for full time employees.
... and much more!

Roles similares