Application Security Engineer
Zapier via Stack Overflow
Oct 9th 2018
We're looking for someone to join our Engineering team at Zapier as an Application Security Engineer Are you interested in helping build and secure a powerful automation tool? Then read on…
We know applying for and taking on a new job at any company requires a leap of faith. We want you to feel comfortable and excited to apply at Zapier. To help share a bit more about life at Zapier, here are a few resources in addition to the job description that can give you an inside look at what life is like at Zapier. We hope you'll take the leap of faith and apply.
- Our Commitment to Applicants
- Culture and Values at Zapier
- Zapier Guide to Remote Work
- Zapier Code of Conduct
- Diversity and Inclusivity at Zapier
Zapier is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse workforce.
Even though our job description may seem like we're looking for a specific candidate, the role inevitably ends up tailored to the person who applies and joins. Regardless of how well you feel you fit our description, we encourage you to apply if you meet these criteria:
You care deeply about building secure products in secure ways that simplify the lives of millions of people through automation.
You have web application and infrastructure security experience. Keeping the core Zapier web application secure is at the heart of this role. Zapier is a SaaS product, so experience building software and managing infrastructure under a similar model is a big plus.
You know what makes browsers and sites secure. The web browser is practically the operating system of the internet; these days nearly everything that happens online, happens in a browser. You'll help us continue to keep customer data safe by ensuring the “first mile” is trouble-free.
You love writing software and building infrastructure. Most of what you'll do each day is guiding, building and maintaining Zapier's infrastructure and product. You'll focus on high value, high risk portions of Zapier. You'll use code to automate and improve the more mundane parts of auditing and monitoring of internal processes, as well as in the product.
You have worked with teams before on large Python, AWS, & Kubernetes projects. You're also familiar with some common frameworks for languages like Django, Flask, or Rails as well as React/Backbone.js. You've also worked extensively in cloud providers like AWS, GCE, or Azure
You love doing things efficiently. At Zapier, the work you do will have a disproportionate impact on the business. We believe in systems and processes that let us scale our impact to be larger than ourselves. You'll be in a unique position to find and eliminate "insecure and painful" experiences and replace them with "secure and joyful" experiences.
You love learning. Engineering is an ever-evolving world. You enjoy playing with new tech and exploring areas that you might not have experience with yet.
You love to set your own direction. At Zapier, we have one team meeting each week and one-on-one meetings every month. Between those we chat in Slack and then go make things happen.
You are friendly and patient, welcoming, considerate, and respectful. Learn more about these attributes in our code of conduct.
Things You Might Do
Zapier is a small, fast-growing, and remote-first company, so you'll likely get experience on many different projects across the organization. That said, here are some things you'll probably do:
- Write some Python!
- Identify where we can add more layers of defense in depth and implement them.
- Periodically embed with product teams with to help with security sensitive projects.
- Build internal tooling to ensure safe data access patterns for Zapier employees.
- Review code across Zapier's product and infrastructure.
- Locating weak points across Zapier and strengthening them.
- Ship code to millions of users every week.
- Experiment: this is a startup so everything can change
As part of our All Hands Support initiative, help customers have the best experience with Zapier as possible.
How To Apply
We have a non-standard application process. To jump-start the process we ask a few questions we normally would ask at the start of an interview. This helps speed up the process and lets us get to know you a bit better right out of the gate.
After you apply, you are going to hear back from us, even if we don't seem like a good fit. In fact, throughout the process, we strive to make sure you never go more than seven days without hearing from us.