Staff AppSec Engineer

Upside


Job Location:

Washington, DC - USA

Yearly Salary: USD 210000 - 230000
Posted on: 2 days ago
Vacancies: 1 Vacancy

Job Summary

Meet Upside:

We created Upside to transform brick-and-mortar commerce. Our technology uses the sophistication of online retailprofit measurement attribution and incrementalityto provide users with more value on their everyday purchases and brick-and-mortar businesses with new profitable customers. Weve helped millions of users earn 2 to 3 times more cashback than any other product and hundreds of thousands of brick-and-mortar businesses earn measurable profit. Billions of dollars in commerce run through the Upside platform every year and that value goes directly back to our retailer partners the consumers they serve and important sustainability initiatives.

The Impact Youll Make:

Youll report to the Director of Information Security and partner closely with engineering and technology stakeholders across the organization. Drawing on your expertise in secure development practices and payment systems youll own the identification and remediation of application vulnerabilities end-to-end. This is an individual contributor role with real influence youll shape how our AppSec program evolves raise the security bar across our engineering org and make it easier for developers to build securely from the start.

  • Leverage AI tools to design and deliver scalable security solutions that address application vulnerabilities

  • Execute automated security testing (SAST SCA) and work directly with engineers to resolve findings

  • Develop threat models and collaborate with product and engineering teams to surface document and prioritize risk

  • Advise leadership on security architecture decisions and application security best practices

  • Build developer security literacy through training enablement and vulnerability management guidance

  • Participate in penetration testing efforts and support bug bounty program operations

  • Contribute to the administration of AWS Control Tower and IAM provisioning workflows

  • Stay current with the broader security community and bring emerging trends back to the team

What You Should Have:

  • 6 years in application security or product security including hands-on experience reviewing Python code

  • A track record of building and delivering solutions in vulnerability management programs

  • Deep expertise in AWS security architecture including Lambda and AWS Control Tower

  • Demonstrated experience adopting and integrating AI tools into security or engineering workflows

  • Bachelors degree in Computer Science Engineering or a related field preferred

  • Strong communication and collaboration skills youre as comfortable with engineers as you are with leadership

Tools We Use:

  • GitHub Advanced Security GitHub Actions GitHub Copilot

  • Python

  • Terraform

  • AWS (Lambda DynamoDB S3 SNS SQS IAM VPCs)

  • ChatGPT

  • Snowflake

  • SQL

Location: Remote


Compensation:

The US base salary range for this full-time position is $210000 - $230000 equity benefits. The final starting pay will be determined based on job-related skills experience qualifications work location and market conditions. Your recruiter can share more about the specific salary range during the hiring process.

Benefits:

  • Medical dental and vision coverage starting on Day 1

  • Equity (ISOs)

  • 401(k) program

  • Family planning programs paid parental leave

  • Physical fitness and wellness memberships

  • Emotional and mental health support programs

  • Unlimited PTO 10 paid federal holidays our annual week-long Winter Break

  • Flexible work environment

  • Lunch reimbursement for in-office employees

  • Employee Resource Groups

  • Learning and Development stipend

  • Transparent culture

  • Amazing mission!

Diversity and Inclusion:

Diversity drives innovation and our differences make us stronger. Were passionate about building a workplace that represents a variety of backgrounds skills and perspectives and we do not discriminate based on race religion color national origin gender sexual orientation age marital status veteran status or disability status. Everyone is welcome here!

If theres anything we can do to support a disability or special need during your application or interview process please email

This email is for accessibility accommodations only it should not be used to submit job applications.

Notice To Recruiters And Placement Agencies:

This is an in-house search with a dedicated recruiter. Please do not submit resumes to any person or email address at Upside. Upside is not liable for and will not pay placement fees for candidates submitted by any party or agency other than its approved recruitment partners.


Required Experience:

Staff IC

Meet Upside:We created Upside to transform brick-and-mortar commerce. Our technology uses the sophistication of online retailprofit measurement attribution and incrementalityto provide users with more value on their everyday purchases and brick-and-mortar businesses with new profitable customers. We...

About Company

Company Logo

We support market challengers to successfully improve and scale their digital commerce on their way to become industry leaders.

View Profile View Profile