Software Engineer, Security
Render
- San Francisco, CA
- Permanent
- Full-time
- Build internal tooling to enable secure access to resources (e.g., wrappers, utilities, authentication services, and proxies).
- Maintain a development toolkit that enables our teammates to write secure code with ease and apply security best practices.
- Analyze and assess security issues identified through security reviews, threat modeling, penetration testing, and vulnerability disclosure.
- Work with developers on sensitive code paths and educate them on secure design patterns.
- Liaise with customers regarding their security and compliance needs, and in return, inform our security program.
- Reduce compliance toil and friction through high-leverage automation and programmatic workflows.
- Communicate security risks and solutions to technical and non-technical stakeholders as part of company-wide planning and prioritization processes.
- Stay up-to-date with the latest security threats, vulnerabilities, and best practices and make recommendations for improvements to our security posture.
- Partner with product engineering teams to inform and build thoughtful security features for our customers.
- Continually ensure that our systems have appropriate authentication, authorization, and accounting with low internal overhead.
- Experience designing and building secure web applications, tools, and APIs
- Experience securing systems on AWS or GCP
- Experience with infrastructure as code (e.g. Terraform, Ansible)
- Knowledge of the Go programming language
- Experience with vulnerability review and analysis
- Experience building a security program such as one based on NIST CSF or ISO 27001
- Experience securing Kubernetes clusters and workloads
- Experience designing and analyzing secure GraphQL APIs
- Experience securing software supply chains in accordance to frameworks like SLSA
- Experience with testing tools such as Burp Suite, OWASP ZAP, and Semgrep
- Active participation and contributions to the security community through public research, blogging, presentations, and other means
- Proven expertise in exploiting common security vulnerabilities, demonstrating practical experience in identifying and leveraging vulnerabilities to assess security posture
- Security certifications such as CISSP
- Our openings span more than one career level. The starting salary for this role is between $150,000 and $220,000 USD. The provided salary depends on many factors, such as work experience and transferable skills, business needs and impact, and market demands.
- The opportunity is also eligible for equity with early exercise options and extended exercise windows.
- 4 weeks of paid vacation, available from day one.
- 14 weeks of fully paid parental leave for all parents to bond with a newly born, adopted, or fostered child. We will also work with you to create a supportive plan of return.
- Long-term disability, life insurance, and 401K plans.
- 100% employer-paid medical coverage and 99% employer-paid dental and vision coverage for you and a dependent. FSAs available as well.
- Monthly lifestyle stipend for wellness, mental heath and therapy, hobbies, etc.
- Monthly cell phone and internet subsidy.
- Commuter benefits for Renders in the Bay Area, and home office stipends for remote Renders.
- Continuous learning benefits & related support.