Application Security Engineer

at Quanata
  • $170k-$235k
  • Remote - Worldwide

Remote

Cybersecurity

Mid-level

Job description

To help keep everyone safe, we encourage all applicants to pay close attention to protect themselves during their job search. When applying for a position online you are at risk of being targeted by malicious actors looking for personal data. Please be aware we will only reach out via email using the domain quanata.com. Anything that does not match those domains should be ignored and considered a security risk.

About Us

Quanata is on a mission to help ensure a better world through context-based insurance solutions. We are an exceptional, customer centered team with a passion for creating innovative technologies, digital products, and brands. We blend some of the best Silicon Valley talent and cutting-edge thinking with the long-term backing of leading insurer, State Farm.

Learn more about us and our work at quanata.com

Our Team

From data scientists and actuaries to engineers, designers and marketers, we’re a world class team of tech-minded professionals from some of the best companies in Silicon Valley, and around the world.  We’ve come together to create the context-based insurance solutions and experiences of the future.  We know that the key to our success isn’t just about nailing the technology—it’s hiring the talented people who will help us continue to make a quantifiable impact.

The role

We are seeking an Application Security Engineer to join the Product Security team within the greater  Security & Privacy team. This role is pivotal in ensuring the security and integrity of our applications and services and shared solutions within our B2B/E product suite. You will be responsible for implementing application security measures across various projects, with a focus on identifying and mitigating risks within our development lifecycle.

As an Application Security Engineer, you will be playing an essential role in maintaining the overall security posture of the company. You’ll work closely with the entire Security & Privacy team. Our application environment is a hybrid of containers, managing most of our production microservices, and a public cloud-driven services layer based on popular open-source components.

We’re looking for a candidate who thrives in a team setting, collaborates effectively with colleagues across multiple departments, and contributes positively to a dynamic team environment. The ideal individual should be skilled in leveraging the strengths of diverse team members, fostering a culture of open communication, and driving joint initiatives towards successful outcomes.

Your day-to-day

Collaborate with development and product teams to integrate security solutions into business-critical applications.Assist in creating and refining product security threat models, focusing on security measures tailored to the unique challenges of the insurance sector.Participate in secure code reviews and product security testing to identify vulnerabilities.Implement application security best practices throughout the software development lifecycle.Respond to vulnerabilities identified through internal security testing, prioritizing according to business impact.Support initiatives to enhance security awareness and practices within the application development teams.Work closely with compliance teams to ensure that applications adhere to industry-specific regulations and standards.Document security procedures, best practices, and team initiatives using repeatable patterns.

About you

  • Experience:

  • Bachelor’s degree or equivalent, relevant experience and;

    • 3 - 5 years of experience in information security, with at least 2 years of experience in application security engineering.
    • Experience in working with software development teams to integrate security into complex application ecosystems.

  • Technical Skills:

    • Familiarity with security-by-design principles and a solid understanding of application security frameworks and standards.
    • Familiarity with cloud-based hosting providers like AWS, Google Cloud or Microsoft Azure.
    • Knowledge of OWASP and relevant standards like the Top 10, ASVS and MASVS.
    • Proficiency in at least one programming language and relevant security tools.
    • Familiarity with threat modeling paradigms such as STRIDE or STRIPED.

  • People Skills:

    • Strong communication skills, with the ability to collaborate effectively with development teams and other stakeholders.
    • Ability to work in a fast-paced environment, managing multiple tasks and priorities.

Bonus points

  • Certifications in security architecture or application security (e.g., CSSLP, GWEB, OSWE).
  • Familiarity with the insurance industry or a similarly regulated sector and its impact on application security.
  • Experience with cloud-based security solutions and familiarity with cloud service providers, particularly in relation to application security.
  • Experience with mobile application development, quality assurance testing, and penetration testing.
  • Experience with artificial intelligence and prompt engineering
  • Hands-on experience with threat modeling, risk assessment, and vulnerability management.
  • Proficient in scripting security tasks
  • Regular attendance at regional and national industry conferences such as DEF CON, BSides, RSA, or BlackHat.
  • Regular contributions to the professional community through presentations, training, mentoring, publications or social media.

Salary: $170,000 to $235,000*

*Please note that the final salary offered will be determined based on the selected candidate’s skills, and experience, as well as the internal salary structure at Quanata. Our aim is to offer a competitive and equitable compensation package that reflects the candidate’s expertise and contributions to our organization.

Additional Details:

  • Benefits: We provide a wide variety of health, wellness and other benefits.These include medical, dental, vision, life insurance and supplemental income plans for you and your dependents, a Headspace app subscription, monthly wellness allowance and a 401(k) Plan with a company match.
  • Work from Home Equipment: Given our virtual environment— in order to set you up for success at home, a one-time payment of $2K will be provided to cover the purchase of in-home office equipment and furniture at your discretion. Also, our teams work with MacBook Pros, which we will deliver to you fully provisioned prior to your first day.
  • Paid Time Off: All employees accrue four weeks of PTO in their first year of employment.  New parents receive twelve weeks of fully paid parental leave which may be taken within one year after the birth and/or adoption of a child. The twelve weeks is applicable to both birthing and non-birthing parent.
  • Personal and Professional Development: We’re committed to investing in and helping our people grow personally and professionally.  All employees receive up to $5000 each year for professional learning, continuing education and career development.  All team members also receive LinkedIn Learning subscriptions and access to multiple different coaching opportunities through BetterUp.
  • Location: We are a remote-first company for most positions so you may work from anywhere you like in the U.S, excluding U.S. territories. For most positions, occasional travel may be requested or encouraged but is not required _. Some positions might require travel per the job description provided to the employee._ Employees based in the San Francisco Bay Area or in Providence, Rhode Island may commute to one of our local offices as desired.
  • Hours: We maintain core meeting hours from 9AM - 2PM Pacific time for collaborating with team members across all time zones.

Quanata, LLC is an equal opportunity workplace. We are committed to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

If you are a San Francisco resident, please read the City and County of San Francisco’s Fair Chance Ordinance notice. https://www.sf.gov/sites/https://www.sf.gov/sites/default/files/2022-12/FCO%20poster2020_0.pdf

This role is employed by Quanata, LLC which is a separate company in the State Farm family of companies.

If you require a reasonable accommodation, please reach out to your Talent Acquisition Partner for assistance.

Share this job:
Please let Quanata know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Latest Jobs at Quanata

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply