Uncubed

Application Security Engineer

Jet, Hoboken, NJ

Building a better shopping experience.


About Jet

Jet’s mission is to become the smartest way to shop and save on pretty much anything. Combining a revolutionary pricing engine, a world-class technology and fulfillment platform, and incredible customer service, we’ve set out to create a new kind of e-commerce. At Jet, we’re passionate about empowering people to live and work brilliant.

About Jet’s Internal Engine

We’re building a new kind of company, and we’re building it from the inside out, which means that investing in hiring, developing, and retaining the brightest minds in the world is a top priority. Everything we do is grounded in three simple values: trust, transparency, and fairness. From our business model to our culture, we live our values to the extreme, whether we’re dealing with employees, retail partners, or consumers. We believe that happiness is the highest level of success and we want every person that crosses paths with Jet to achieve it. If you’re an ambitious, smart, natural collaborator who likes taking risks, influencing, and innovating in a challenging hyper-growth environment, we’d love to talk to you about joining our team.

About the Job

At Jet you will be a hands on self-starter with extraordinary technical skills. As a Jet Information Security Engineer, you will work with the latest technology and implement security solutions to improve Jet's overall security posture. Your contributions will be highly valued by our company leadership and you will be given the autonomy to get the job done.

If you thrive in a dynamic environment where you are implementing crucial information security defenses, then this is the job for you!

Specific responsibilities may include:

  • Work alongside both engineering and product teams to perform security architecture design reviews and threat modeling.
  • Perform source code reviews and penetration testing to identify security vulnerabilities and recommend potential solutions.
  • Work with developers and key stakeholders to address security vulnerabilities found in our applications.
  • Train application engineers on advanced security concepts, develop secure code guidelines and provide remediation strategies.
  • Participate in incident response and vulnerability remediation efforts.
  • Perform applied research on new attacks techniques and methodologies.
  • Evaluate and develop security tools for internal consumption and assist the engineering organization in deploying new detection and prevention capabilities.

About You

  • Bachelor’s degree in Computer Science or equivalent experience.
  • Effective communication skills and the ability to work collaboratively with various teams.
  • Experience designing and developing web, or mobile applications.
  • Security Source code review experience in C/C++, C#, ASP.NET, PHP, Ruby, JavaScript / NodeJS, Python or Java.
  • Substantial knowledge of web application attacks and defense strategies including those found in the OWASP Top 10 and CWE Top 25 (SQL injection, Cross-Site Scripting, CSRF, DoS, logic flaws, API attacks, etc...).
  • Solid understanding of the browser security model, cryptography and network security.
  • Ability to demonstrate to developers how to use application security best-practices to mitigate security vulnerabilities.

Preferred Qualifications:

  • Detailed understanding of various web development frameworks.
  • 2+ years development experience in .NET.
  • 2+ years of experience in an application security role and penetration testing.
  • Strong understanding of functional programming.
  • Contributions to the security community (Research, CVEs, Bug Bounty, Open Source, Blogs…)

 

About Jet

At Jet, our goal is to reshape the landscape of e-commerce forever and make a lasting difference in people’s lives.

Jet

Want to learn more about Jet? Visit https://jet.com