Monograph
Our mission is to modernize the payments infrastructure for trucking and logistics. We're building Stripe for Transportation, centering our customers in every way and offering them world-class customer experience.
We have a strong founding team with backgrounds in payments, autonomous vehicles, and leading technology companies. We've raised $125 million+ from investors and have been named to Forbes' annual Next Billion-Dollar Startup List.
Job Description
AtoB is looking to hire a dedicated Application Security Engineer to join our small security team. You'll work cross-functionally with backend, frontend, DevOps, product, and compliance teams to push security forward in every part of our stack.
Responsibilities
Design and implement security tooling, automation, and processes to support secure development, deployment, and operations
Perform threat modeling, design reviews, and security assessments (API, web, mobile, microservices)
Conduct secure code reviews, dynamic and static application security testing, and penetration testing
Work closely with engineering teams to remediate identified security issues and embed secure practices in SDLC
Investigate and respond to application-level security incidents or suspicious behavior
Help define and enforce security standards, policies, and best practices across the engineering organization
Maintain and improve application security infrastructure
Stay abreast of new threats, vulnerabilities, and relevant industry practices and share knowledge
Requirements
4+ years of experience securing web and/or API-based applications in a production setting
Hands-on experience with static analysis (SAST), dynamic analysis (DAST), interactive application security testing (IAST) or similar tools
Experience performing manual code reviews in languages like Java, Python, Go, JavaScript/TypeScript
Understanding of common web / API vulnerabilities (OWASP Top 10, API abuses, SSRF, injection, XSS, deserialization, etc.)
Familiarity with authentication & authorization mechanisms (OAuth2/OIDC, JWT, session management, RBAC, etc.)
Experience integrating security into a CI/CD pipeline (GitHub Actions, GitLab CI, Jenkins, CircleCI, etc.)
Working knowledge of cloud platforms (AWS, GCP, Azure) and container/orchestration (Docker, Kubernetes)
Strong problem-solving skills, ability to operate in ambiguity and drive security outcomes in fast-moving teams
Excellent communication skills
Compensation Range: $180K - $200K
We are an equal opportunities employer and welcome applications from all qualified candidates.