Zwift
Zwift helps millions of people enjoy a more active life while having fun.

Senior Application Security Engineer at Zwift (Remote)

| Remote
Sorry, this job was removed at 4:49 a.m. (PST) on Tuesday, April 5, 2022
Find out who’s hiring remotely
See all Remote jobs
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Seniority Level: Senior

Location: Long Beach, CA or Remote (Select US States)

About the role and about You:

The Zwift Application Security Team is looking for a Senior Application Security Engineer to help build and grow product security within service and engineering teams in order to address both deeply technical and programmatic security issues, as well as emerging new threats. This individual will lead application security assurance efforts, provide code reviews and tooling, and liaise with development and operations teams across the company to provide security awareness and consultation. The role requires partnering with key project stakeholders to define key security issues, as well as identify, prioritize, and categorize security remediation plans. Senior Application Security Engineers coordinate and influence cross-functional engineering and integration teams to provide security in the software development lifecycle. 

Successful Senior Application Security Engineers at Zwift are self-starters, able to work autonomously, natural problem solvers, collaborative, and not phased by adversity or ambiguity. You should have strong problem-solving skills, excellent interpersonal skills, a deep technical understanding of modern web application, client/server application, and containerization based security threats, strong scripting and automation skills, and the desire to be an individual contributor to securing Zwift’s services and products.

What you’ll do: 

  • Work with application development teams across Zwift to provide guidance on standard methodologies for secure application development across a variety of languages and frameworks.
  • Collaborate with application development teams to improve security test coverage and functional security testing at all levels of the development life cycle.
  • Provide developer awareness training and supporting documentation to proliferate the methodologies of secure software development.
  • Develop and maintain the bug bounty and public vulnerability submission process.  
  • Triage incoming bug reports both from the information security team and the security research community and work to prioritize and remediate bugs with affected application and infrastructure teams.
  • Manage tooling and process for continuous application risk assessment, triage, curation, and reporting.
  • Advise and consult internal engineering teams on risk assessment, incident triage, threat modeling, and security vulnerability mitigation.
  • Mentor developers on evolving threats to their applications and help to insure state of the art secure development practices are being used.
  • Develop and maintain a regular code review process for software development teams.

What we’re looking for:

  • 5+ years of application security experience designing, building or testing web and API based architectures.
  • Deep understanding of security vulnerabilities, attacker exploit techniques, common objectives, and tactics affecting public web applications.
  • Excellent working knowledge of the public cloud infrastructure and services in AWS (IAM, KIAM, VPC, KMS, CloudWatch, Systems Manager, S3, RDS, Route53, Lambda, AWS Config, etc.)
  • Excellent understanding of docker and container orchestration with kubernetes and experience running production kubernetes clusters in Amazon EKS, Google GKE, or similar managed platform.
  • Scripting skills (e.g., Python, Go, JS, C, C++, Java, Ruby, or PowerShell)

Bonus points: 

  • Prior working experience in or with a Software Development Team.
  • Experience crafting or working with bug bounty programs.
  • Identify opportunities for process improvement, including the development and implementation of internal security tools, tactics, and procedures.
  • Prior security auditing of Zwift applications, networks, and infrastructure. 

(Colorado only) Minimum salary of $128,000 + bonus + equity + benefits.


How to stand out among the rest:

Your resume/CV is enough to show off your skills, accomplishments, and experience. However, if you choose to include a cover letter introducing us to your awesome personality, we will read that too.

Values:

Of course, we are nothing without our values. Our values ground us. They ensure we run and build a company where people love to work, feel like they are welcomed, included, and belong.  Only then can they thrive and do their best work.  The values we strive to live every day are:

  • Make It Fun
  • Elevate Teammates
  • Cultivate Our Community
  • Always Level Up
  • One Zwift for All

We strongly believe that different backgrounds and ideas are a competitive advantage; we hire candidates of any race, color, ancestry, religion, sex, national origin, sexual orientation, gender identity, age, marital or family status, disability, Veteran status, and any other status. Zwift is proud to be an Equal Opportunity Employer. If you have a disability or special need that requires accommodation, please let us know by emailing [email protected]. 

Zwift, Inc. is an Equal Opportunity Employer.

See More
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Where we are

Zwift is working from home to ensure the safety of our employees. We are hiring remotely. We have beautiful offices for when it's safe to collaborate.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • C++Languages
    • JavaLanguages
    • JavascriptLanguages
    • iosLanguages
    • androidLanguages
    • Node.jsFrameworks
    • SpringFrameworks
    • ReactFrameworks
    • MySQLDatabases
    • Google AnalyticsAnalytics
    • OptimizelyAnalytics
    • ConfluenceManagement
    • JIRAManagement
    • TrelloManagement
    • WordpressCMS
Previous
Next

What are Zwift Perks + Benefits

Zwift Benefits Overview

Zwift takes great pride in the benefits and perks that we offer each member of the team. Highlights include: paid parental leave and modern family benefits, 401k with company match, pension, mental health support, fitness industry perks, and a Lifestyle Spending Account. The well-being of each Watopian (what we call our employees) and their families is essential.

Culture
Volunteer in local community
Partners with Nonprofits
Friends outside of work
Eat lunch together
Intracompany committees
"Make it Fun" is part of our culture and we have some of the very best people helping to shape wellness activities, spacial care packages, employee engagement programs, and events for everyone.
Daily sync
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Open office floor plan
Diversity
Dedicated Diversity/Inclusion Staff
Unconscious bias training
Zwift is on a journey to embed diversity, equity, inclusion, and belonging into all that we do. It starts with awareness building and knowledge gathering. All employees have a 3 course leaning path.
Diversity manifesto
Diversity Employee Resource Groups
Zwift is excited to be launching ERG's in 2021!
Hiring Practices that Promote Diversity
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Wellness Programs
Summer Fridays Monthly Company Timeouts Lifestyle Spending Account Fitness Program
Onsite Gym
Team workouts
Mental Health Benefits
Employee Assistance Program(s) Support for every aspect of the parental journey Meditation App Membership(s) Paid Therapy Sessions
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Company Equity
Performance Bonus
Child Care & Parental Leave Benefits
Generous Parental Leave
Zwift provides 12 weeks paid parental leave for any of the following: Birth parent Non-birth parent/partner Adoption
Flexible Work Schedule
Remote Work Program
Family Medical Leave
Adoption Assistance
12 weeks paid leave for primary caregiver adoption.
Return-to-work program post parental leave
Company sponsored family events
Vacation & Time Off Benefits
Unlimited Vacation Policy
Generous PTO
Paid Volunteer Time
Paid Holidays
Paid Sick Days
Perks & Discounts
Casual Dress
Commuter Benefits
Company Outings
Game Room
Stocked Kitchen
Some Meals Provided
Happy Hours
Parking
Recreational Clubs
Relocation Assistance
Relocation assistance for qualifying job openings.
Fitness Subsidies
Fitness Budget for in-home equipment Lifestyle Spending Account Fitness Industry Perks
Home Office Stipend for Remote Employees
While we are all working remotely, Zwift allocates a monthly stipend to cover at home working expenses.
Professional Development Benefits
Job Training & Conferences
Diversity Program
Lunch and learns
Cross functional training encouraged
Promote from within
Online course subscriptions available
Customized development tracks

Additional Perks + Benefits

There has been much investment in the well-being of the Zwift team. During the pandemic, and being remote, the company has adopted "summer Fridays" during the summer months and "monthly time outs" leading into the end of the year. Many companies are facing burned out employees and we are doing what we can to provide a culture that supports wellness.

An Insider's view of Zwift

What projects are you most excited about?

I’m super excited about all the game integrated features we’ll be releasing to the website. The ability to see all the rides I’ve gone on, share them with friends, and give people ride ons!

Jason

Senior Software Engineer

How do your team's ideas influence the company's direction?

Captivating your audience requires creative technology, which pushes the envelope. With the reward comes risks, and at Zwift our QA team partners with the creatives and development teams to mitigate these risks while keeping the creative vision alive

Brittany

Director of QA

How do your team's ideas influence the company's direction?

Being a part of the People Experience team, I feel fortunate that the programs, tools and resources that we are building have a direct impact on each employee and their family. We are chasing a vision to create an inclusive, data-driven, supportive, winning culture that will enable our teams to do their best work and have fun while doing it.

Vanessa

Director, People Experience

More Jobs at Zwift