Senior Applications Security Engineer
BigCommerce is disrupting the e-commerce industry as the SaaS leader for fast- growing, mid-market businesses. We enable our customers to build intuitive and engaging stores to support every stage of their growth.
BigCommerce is seriously growing its information security team, get in whilst the Security team is still small, and you’ll have the ability to influence the culture and direction moving forward.
As the BigCommerce e-commerce SaaS platform handles information at a large scale, we need to anticipate and protect against attackers targeting BigCommerce or our customer
Our engineers are called on to wear many hats, you’ll be very well rounded, with experience as a software developer, penetration tester, and able to work independently to provide technical expertise to other software developers.
Named a “Best Place to Work” in Austin, San Francisco and Sydney, we are looking for a full-time Senior Applications Security Engineer who wants to make an impact to every level of society through powering innovators, creative thinkers, entrepreneurs and business owners around the world to be successful at each stage of their business.
What you’ll do
- Respond to information security incidents, providing technical expertise
- Provide security guidance and experience to BigCommerce engineering teams
- Review project technical designs and stay involved through their implementation to assist BigCommerce engineering staff with the finer points of application security
- Help build internal security tooling, to enable us to be more proactive.
- Utilize data to help generate insights into threats, driving towards conclusions that allow for better prioritization and solutioning
- Mentoring team members in best practice around information security standards
- Regular and ongoing pen testing of BigCommerce’s growing environment
- Evangelize security within BigCommerce and be an advocate for BigCommerce customers
- Protect BigCommerce Merchants, Shoppers, and the company
Who you are
- Bachelor's degree in CS, EE or MIS; or equivalent experience
- Solid understanding of how the web works, Web Application Security concepts, exploits, and threat prevention
- Skills to Test, Triage, review, and provide recommendations for vulnerabilities
- 5 plus years of experience in application security related fields (code reviews, application penetration testing, security engineering, etc.)
- Passionate about security and willingness to learn, unlearn and relearn if necessary
- Knowledge of development and integration tools and technologies(Ex. CI/CD)
- 1 plus years of software development experience in PHP, Ruby, Java, or similar relatable technology The ability to explain security issues to developers, engineers, and management
- Strong communicator with a bias towards honesty and transparency
- Experience working on global teams
- Experience in Bug bounties, speaking at conferences, blogging, etc. is highly desirable
Nice to have one/many certifications such as GXPN, OSCP, OSCE, CEH
Our Hiring Processes Might Include
We want to see your problem-solving and analytical skills. Be prepared to write good, clean, scalable code. You don’t need to know our entire stack, but we’re looking for practical experience, someone who can solve production problems in the cloud.
- Recruiter Phone Screen
- Hiring Manager Screening
- Final Team Interview
- Note: Visa Work Authorization Sponsorship Supported and Relocation Assistance Provided
#LI-GC1
INDSP
Diversity, Equity & Inclusion at BigCommerce
We have the opportunity to build not only a great business but a great company, with soul. Our beliefs and commitment to diversity, equity and inclusion are a central part of achieving that.
Our dedication to DEI is grounded in two things: a moral belief in the dignity, value, and potential of every individual, and a practical belief that diverse, inclusive teams will create the best outcomes for our customers, partners, employees, and company. We welcome everyone to be a part of our journey.
Current BigCommerce Employees: Please use the internal job board to apply for openings