Fleetio is looking for an expert Application Security Engineer, who is passionate about protecting data and has a deep understanding of different attack vectors.
You will work on continuously enhancing Fleetio’s application security. You will engage in both proactive and reactive measures to ensure our applications and services are secure. This is a new and hugely impactful role for Fleetio and our customers and has high growth potential.
This is a remote opportunity and is open to candidates in the United States, Canada, or Mexico.
About us
Fleetio is a modern software platform that helps thousands of organizations around the world manage their fleets. You can learn more about our platform here. Transportation technology is a hot market and we’re leading the charge, with raving fans and new customers signing up every day. We raised a $21M Series B in late 2020 and are on an exciting trajectory as a company. You can read more about it here.
More about Fleetio
- Fleetio overview video: https://www.youtube.com/watch?v=IlvIbwZT3oU
- Fleetio Go overview video: https://www.fleetio.com/go
- More about the Fleetio platform: https://www.fleetio.com/features
- API docs: developer.fleetio.com
- Test drive Fleetio to get an even better feel for what we're building: https://www.fleetio.com/register
What you'll be doing
- Perform periodic security assessments such as penetration tests and own resolving vulnerabilities
- Provide security-focused feedback at different stages of Software Development Life Cycle
- Review security alerts from dependencies, frameworks and manage such upgrades
- Assist in creating a framework to centralize, review and act on security-related updates from third parties and partners
- Monitor static analysis test results and ensure appropriate fixes are developed
- Respond to security incidents and work with CTO and team to write post mortem reports
- Help provide answers and expertise on security-related queries from internal team members and customers
- Help drive adoption of secure development practices (via code reviews, team training, lunch and learns, etc.)
What's in it for you
- Be a part of an incredible team of “A” players who go above and beyond to make Fleetio a successful company. You will help build secure software used by people all around the world. So many different types of companies and organizations operate a fleet each day, and Fleetio is a good fit for most of them (it’s a huge market).
- Work remotely (within the United States, Canada, or Mexico), or at our Birmingham, AL HQ. Over 80% of our Engineering Team works remotely (including our CTO), and we have promoted a strong remote working culture since the beginning (2012).
- We place great emphasis on work/life balance. We have families and hobbies and know you do, too.
Our team
Our Engineering and Product teams are structured as autonomous squads that execute within one focal area toward a defined product vision. We're hardcore believers in easy-to-use software, and our main goal as Product Engineers is to quickly and continuously deliver meaningful value to our customers. We've optimized our CI/CD tools and processes to easily get code into our production environments, resulting in an average of 40 deploys per week. See what our team has to say about how we work in their own words here. You can also learn about the interview process here.
Requirements
- 3+ years of experience as a Security Engineer
- BS in Computer Science, Engineering, or equivalent real-world experience
- Deep understanding of emerging vulnerabilities and industry-standard lists such as OWASP TOP 10, SANS
- Knowledge of testing products/services across different platforms (web, mobile, API)
- Familiarity with static and dynamic application security testing tools (SAST &DAST)
- Continuous learner who stays on top of trending security concepts, breaches, and attack vectors
- Service mindset with a strong passion for helping and teaching team members with varying degrees of expertise in security
- Excellent verbal and written communication skills since you will be engaging in providing constructive feedback, generating awareness, and writing up summaries
- Experience or understanding of authentication and authorization methods, open standards, and protocols (such as SAML, OAuth)
- Be sure to mention "coffee" in your application so we know you read this
Considered a plus
- Experience with Ruby-on-Rails
- Member of white hat hacker groups
- Participated in bug bounty programs
- You know a thing or two about the Fleet management industry
Benefits
- 100% coverage of employee health and dental insurance (50% family)
- 401(k) + match
- Company stock options
- Vision, STD <D
- Dependent Care FSA and Medical FSA
- Generous PTO, Company Holidays &Floating Holiday
- Maternity/Paternity leave
- Community service funds
- Mac laptop
- Professional development funds
- Health and wellness incentives
- Remote working friendly since 2012
For Non-U.S. based candidates, Fleetio offers a country-specific competitive benefits package.
Not quite what you were hoping for? Check out our other engineering roles here.