Salary Not Disclosed
1 Vacancy
We're humans who simply think computers should do more work.
At Zapier, we're not just making software; we're building a platform to help millions of businesses globally scale with automation and AI. Our mission is to make automation work for everyone by delivering products that delight our customers. You'll collaborate with brilliant people, use the latest tools, and leverage the flexibility of remote work. Your work will directly fuel our customers' success, and as they grow, so will you.
Job Posted: April 3, 2025
Location: Americas (EST or CST working hours required)
Hi there!
We're looking for an Application Security (AppSec) Engineer to join our Security team at Zapier. We're on a mission to democratize automation while ensuring the security and privacy of millions of users worldwide by protecting sensitive data and building trust through robust security measures.
This role combines hands-on software development for our core security services (60-70%) with security engineering responsibilities (30-40%). As a member of the AppSec team within the Security organization, you will:
Shape security practices across development teams and empower them to build and ship secure products.
Own critical security services protecting sensitive data at scale.
You have strong Python backend development expertise and have experience building and maintaining production services.
You have hands-on experience with Redis and PostgreSQL and proficiency with distributed systems and cloud platforms (AWS).
You have a strong understanding of cryptographic principles. You have knowledge of authentication mechanisms, authentication/authorization patterns, and secure key management practices.
You have experience with security architecture and threat modeling. You have strong written and verbal communication skills to deliver constructive feedback regarding security matters to engineers and product designers, and an ability to balance security requirements with operational or business needs.
You understand the secure development lifecycle and secure coding practices. You have knowledge of common web/API vulnerabilities and mitigations (e.g. OWASP Top 10). You think about your job as not just identifying individual vulnerabilities but also finding effective ways to eliminate whole classes of them.
Collaboration is second nature to you, and you're known for your willingness to roll up your sleeves and work alongside colleagues to achieve common goals.
You're adaptable. You've been in fast-growing companies and know how to build, change, and adapt to the needs of a company as it grows.
Security Services Development:
Develop core security infrastructure services focusing on key management, encryption, and authentication.
Build robust distributed systems leveraging Redis, PostgreSQL, and AWS services.
Maintain high code quality standards through comprehensive testing, monitoring, and documentation.
Design and operate scalable processes and build paved-path tooling that enable our engineers to ship secure products.
Security Threat Identification: Partner with development teams to conduct design reviews and threat modeling sessions.
Vulnerability Management: Support our public bug bounty program and leverage application testing tools (SAST, SCA) to identify, triage, and drive remediation of vulnerabilities.
Collaborative Security Support: Work closely with various other Security teams and partner with engineering teams to provide general ad hoc security support and technical/operational guidance.
At Zapier, we believe that diverse perspectives and experiences make us better, which is why we have a non-standard application process designed to promote inclusion and equity. We're looking for the best fit for each of our roles, regardless of the type of companies in your background, so we encourage you to apply even if your skills and experiences don't exactly match the job description. All we ask is that you answer a few in-depth questions in our application that would typically be asked at the start of an interview process. This helps speed things up by letting us get to know you and your skillset a bit better right out of the gate. Please be sure to answer each question; the resume and CV fields are optional.
Education is not a requirement for our roles; however, if you receive an offer, you will need to include your most recent educational experience as part of our background check process.
After you apply, you are going to hear back from us, even if we don't see an immediate fit with our team. In fact, throughout the process, we strive to never go more than seven days without letting you know the status of your application. We know we'll make mistakes from time to time, so if you ever have questions about where you stand or about the process, just ask your recruiter!
Zapier is an equal-opportunity employer and we're excited to work with talented and empathetic people of all identities. Zapier does not discriminate based on someone's identity in any aspect of hiring or employment, as required by law and in line with our commitment to Diversity, Inclusion, Belonging, and Equity. Our code of conduct provides a beacon for the kind of company we strive to be, and we celebrate our differences because those differences are what allow us to make a product that serves a global user base. Zapier will consider all qualified applicants, including those with criminal histories, consistent with applicable laws.
Zapier prioritizes the security of our customers' information and is dedicated to adhering to all applicable data privacy laws. You can review our privacy policy here.
Zapier is committed to inclusion. As part of this commitment, Zapier welcomes applications from individuals with disabilities and will work to provide reasonable accommodations. If reasonable accommodations are needed to participate in the job application or interview process, please contact .
The anticipated application window is 30 days from the date the job is posted, unless the number of applicants requires it to close sooner or later, or if the position is filled.
Even though we're an all-remote company, we still need to be thoughtful about where we have Zapiens working. Check out this resource for a list of countries where we currently cannot have Zapiens permanently working.
Full-Time