Senior Application Security Engineer
Alloy is where you belong!
Alloy is a leader in the fraud prevention space and data orchestration platform. We help some of the most innovative banks and fastest growing fintech companies grow and scale operations by allowing them to find more good customers and onboard them without increasing the risk of fraud.
Through our values: Be Bold, Get Scrappy, Collaborate, and Celebrate Our Differences, we are creating a workplace where you can grow, thrive, and belong. See how we’ve been continuously recognized and named one of Inc. Magazine’s Best Workplaces, Best Fintech to Work for by American Banker, and Best Place to Work by Built in NYC year after year.
Check out our investors and read more about us here.
About the team
Alloy operates in a hybrid-work environment. We look to foster collaboration and community by having our local employees onsite twice a week, and remote employees onsite once a quarter.
What you’ll be doing
-- Build a mature Application Security program for Alloy, that manages application vulnerabilities and collaborates with various teams to resolve them.
-- Design, implement and configure custom security tools and application firewalls that detect and remediate threats in a codebase built in Python/Django and NodeJs.
-- Set up build automation with CI pipelines for open-source and enterprise security tools that do static code analysis and open source composition analysis on the source code.
-- Perform automated and manual penetration testing of web applications using tools like Burpsuite to find SQL injections, XSS and access control vulnerabilities.
-- Plan, implement, and manage a security bug bounty program in HackerOne by triaging vulnerabilities and prioritize fixes by coordinating with relevant teams.
-- Contribute to a culture of security at Alloy by helping train staff and being the go-to expert on security practices, tools, and vulnerabilities.
-- Contribute to the full-stack development of authentication and role based access control (RBAC) solutions.
Who we’re looking for
Bachelor’s degree in Computer Science, Computer Engineering, or a closely related field, plus 5 years of work experience as Software Engineer, Security Engineer, Application Developer, or closely related occupation.
$167,000/year - $196,000/year
Benefits and Perks
- Unlimited PTO and flexible work policy
- Medical, dental, vision plans with HSA (monthly employer contribution) and FSA options
- 401k with 100% match up to 4% of annual employee compensation with immediate eligibility and vesting
- 16 weeks of parental leave
- Home office stipend for new employees
- Health & wellness monthly stipend
- $1,000 learning & development annual stipend
- 5 free teletherapy sessions and Headspace membership
- Well-being benefits include access to Carrot, Cleo, OneMedical, Gympass, and more
Alloy’s Covid-19 Company Statement
Alloy does not require employees to be vaccinated against Covid-19, but vaccination or testing may be mandated by the relevant local laws with which the company will comply. If this position involves contact with third parties, attendance on-site for events, travel, and/or work in our New York City offices, those actions will be subject to any relevant local laws, venue or customer requirements, or travel requirements regarding vaccines or testing (and exemptions thereto).
At this time, Alloy is following compliance regulations with New York City’s Private Sector Mandate and offering religious and medical accommodations for all eligible employees and visitors.
How to Apply
Mail Resumé to Attn: Priscilla Philavong, Manager of Recruiting; First Mile Group, Inc., dba Alloy; 41 E 11th Street, 2nd Floor; New York, NY 10003. Specify position being sought.
Something looks off?