Application Security Engineer III
4 weeks ago
As an Application Security Engineer III at Vimeo, you will engage in a variety of activities, either offensive, defensive, or some combination thereof, ultimately aimed at safeguarding our users who entrust Vimeo with their content every day.
You’ll plan, carry out, and lead security initiatives to monitor and protect sensitive data and systems from infiltration and cyber-attacks.
You will likely collaborate frequently with and support developers, as well as members of the infrastructure security team, the compliance team, IT, Product, and other teams throughout the organization.
You love to solve puzzles and are a great team player.
This role is remote.
What you’ll do:
Depending on your preferences and the current needs of the team, you may either focus on just one or two of the following areas, or you may choose to become involved with many of them.
Penetration testing — either hunt for security issues on our production or staged applications during an open-box internal pen test or help coordinate an engagement with an external firm Writing code for internal automated security tools — write some code, usually in Python, Bash, or Go, to support any of our team's various initiatives. Often, we strive to facilitate a culture of “paved roads” for our developers, such that it is easy for any developer to incorporate security into their designs and implementations Threat modeling — consider how malicious attackers may compromise our systems, and advise developers and product managers on what defenses are needed Code reviews — discover weaknesses in our source code before it reaches production Bug bounty program — help triage new incoming reports on a daily basis, plus launch creative initiatives to increase researcher engagement in our programs Web Application Firewall and Rate Limiting — expand coverage and tune new rules while coordinating with developers, support team members, and the site reliability team Remediation — enable and encourage developers to correctly fix recently discovered security issues in a timely manner, ultimately reducing our Mean Time To Remediate Secure Software Development Lifecycle — configure automated tooling (eg. static and dynamic code analysis, IAST) in our SDLC to detect security issues in our source code before it reaches production Developer Education, Security Culture — create fun ways to spread technical security awareness throughout the engineering department Incident response — lead or assist in running the various phases of incident response, including initial detection, triage, containment, recovery, root cause analysis, retrospective, etc. Collaboration with the infrastructure security team — pair with members of the infrastructure security team on various projects to secure our cloud instances and employee workstations Collaboration with the compliance and privacy team — help ensure that our company complies with industry best practices and standards Process improvements — help strengthen our own internal processes and procedures A typical day will look like: Engage with one or more product development teams and guide them through a threat model and data flow analysis. Review the code for major new functionality to ensure security best practices are followed. Review new tickets in our bug bounty program ( and use your system design and threat modeling knowledge to reproduce, define risk and mitigating controls and propose a fix. A call or two with Development, Product Management teams to discuss security-related issues Pen test a new feature in a staging environment with Burp Pro Assist the compliance team on a privacy-related project Provide technical advice in response to occasional questions from developers and other members of the security teamSkills and knowledge you should possess:
Required: 2+ years of prior experience in either software development, devops, or site reliability engineering with hands-on coding experience. Preferred: prior experience in Application Security 4+ total years of relevant experience in Engineering, Application Security, or a similar technical field. Strong knowledge of modern web, mobile, and network security Strong programming skills with at least one of the following languages, and the ability to read all of them: Python, Go, PHP, Javascript, and Ruby Expertise with application pen testing, using tools like Burp or Zap Confident working in and across cloud environments like AWS and GCP. Detailed knowledge of at least one cloud environment. Confident with shell scripting Confident with common SDLC components, like git, Jira, Jenkins, etc Confident ability to communicate technical security concepts to developers At least an upper-intermediate level of EnglishBonus points (nice skills to have, but not needed):
Link to a Github repo with security tools/scripts you’ve developed or help maintain Full-stack web development experience creating RESTful applications (in any language) is a big plus Open-source vulnerability research or blog posts is a big plus Experience with system security hardening guidelines and SDLC principlesAbout Us:
Vimeo (NASDAQ:VMEO) is the world’s most innovative video experience platform. We enable anyone to create high-quality video experiences to connect better and bring ideas to life. We proudly serve our growing community of nearly 300 million users — from creative storytellers to globally distributed teams at the world’s largest companies. Learn more at
Vimeo is headquartered in New York City with offices around the world. At Vimeo, we believe our impact is greatest when our workforce of passionate, dedicated people, represents our diverse and global community. We’re proud to be an equal opportunity employer where diversity, equity, and inclusion is championed in how we build our products, develop our leaders, and strengthen our culture.
-
Application Security Engineer III
3 weeks ago
bangalore, India Vimeo, Inc. Full timeYou’ll plan, carry out, and lead security initiatives to monitor and protect sensitive data and systems from infiltration and cyber-attacks. You love to solve puzzles and are a great team player. This role is remote. What you’ll do: Penetration testing — either hunt for security issues on our production or staged applications during an...
-
Software Engineer III Java
3 weeks ago
bangalore, India JPMorgan Chase & Co. Full timeWe have an exciting and rewarding opportunity for you to take your software engineering career to the next level. As a Software Engineer III at JPMorgan Chase within the Asset and Wealth Management, you serve as a seasoned member of an agile team to design and deliver trusted market-leading technology products in a secure, stable, and scalable way. You...
-
Software Engineer III
1 week ago
bangalore, India JPMorgan Chase & Co. Full timeYou’re ready to gain the skills and experience needed to grow within your role and advance your career — and we have the perfect software engineering opportunity for you. As a Software Engineer III at JPMorgan Chase within the Distributed Ledger Technologies Team, you are part of an agile team that works to enhance, design, and deliver the software...
-
Application Security Lead Engineer
4 weeks ago
bangalore, India Anicalls (Pty) Ltd Full timeCandidate should be able to:Create and manage bug bounty programs.Evangelize software security best practices.Perform threat modeling, architecture design reviews, and detection capabilitiesDevelop and implement security tooling.Partner with software engineering and product teams to ensure security throughout the SDLC.Candidate should have:Strong...
-
Software Engineer III
7 days ago
bangalore, India JPMorgan Chase & Co. Full timeWe have an exciting and rewarding opportunity for you to take your software engineering career to the next level. As a Software Engineer III - Denodo Developer at JP Morgan Chase in Asset and Wealth Management business within the International private Banking and Data Fabric - Denodo Platform team, you will work as an experienced member of the agile...
-
Software Engineer III
7 days ago
bangalore, India JPMorgan Chase & Co. Full timeWe have an exciting and rewarding opportunity for you to take your software engineering career to the next level. As a Software Engineer III at JPMorgan Chase within the Asset and Wealth management, you serve as a seasoned member of an agile team to design and deliver trusted market-leading technology products in a secure, stable, and scalable way. You...
-
Engineer III, Software
7 days ago
bangalore, India Omnicell, Inc Full timeEngineer III, Software - Full stack The Engineer III, Software is an experienced professional who participates in leading, creating and extending Omnicell products. This person is a highly skilled developer who can apply industry and corporate best practices to produce quality applications. This person applies their practical and theoretical...
-
Engineer III, Site Reliability Engineering
2 weeks ago
bangalore, India Omnicell, Inc Full timeSoftware Engineer III, Site Reliability Engineering Responsibilities: Implement tools and processes necessary to achieve required SLOs for Omnicell Platform. Implement CI/CD pipelines. Automate delivery of platform services using infrastructure-as-a-code. Build self-service playbooks for platform which can be consumed across globally...
-
Security Engineer, Application Security
4 weeks ago
bangalore, India Amazon Development Centre (India) Private Limited Full timeIn Amazon Stores, we ship some of the widest arrays of technology found at any company. From amazon.com to world class machine learning pipelines, from cutting-edge digital healthcare to no-checkout retail, we push the boundaries of technology in every direction using the globe’s largest AWS deployment.As an AppSec engineer, you will collaborate with...
-
Software Engineer III- IOS
3 days ago
bangalore, India JPMorgan Chase & Co. Full timeWe have an exciting and rewarding opportunity for you to take your software engineering career to the next level. As a Software Engineer III at JPMorgan Chase within the Wealth Management Business (CCB) under Self Directed Investing, you serve as a seasoned member of an agile team to design and deliver trusted market-leading technology products in a...
-
Senior Application Security Engineer
4 weeks ago
bangalore, India Zynga Full timeAVAILABLE POSITIONS Senior Application Security Engineer Careers Category: Engineering Careers location: Bengaluru, India Connected Worker Type: Connected R_111904 Job Summary: We are currently seeking a Senior Application Security Engineer to join our Product Security team. The team assesses, enables, and...
-
Software Engineer III
7 days ago
bangalore, India JPMorgan Chase & Co. Full timeWe have an exciting and rewarding opportunity for you to take your software engineering career to the next level. As a Software Engineer III at JPMorgan Chase within Commercial Bank Digital Platforms team, you serve as a seasoned member of an agile team to design and deliver trusted market-leading technology products in a secure, stable, and scalable...
-
Software Engineer III
4 weeks ago
bangalore, India Spectrum Consultants India Private Limited Full timeSoftware Engineer III Summary Experience Required: 7 - 10 YearsJob Term: PermanentLocation: BangaloreCategory: Software DevelopmentA leading designer, developer and global supplier of a broad range of digital and analog semiconductor connectivity solutions that serve the wired infrastructure, wireless communications, enterprise storage and industrial...
-
Software Engineer III-Business Objects Developer
3 weeks ago
bangalore, India JPMorgan Chase & Co. Full timeWe have an exciting and rewarding opportunity for you to take your software engineering career to the next level. As a Software Engineer III at JPMorgan Chase within the Corporate & Investment Bank, Payments Technology, you serve as a seasoned member of an agile team to design and deliver trusted market-leading technology products in a secure, stable,...
-
Application security Engineer
7 days ago
bangalore, India Alp Consulting Limited Full timeKey Responsibilities: - Conduct thorough security assessments of applications, identifying vulnerabilities and providing recommendations for remediation. - Collaborate with development teams to integrate security best practices into the software development lifecycle (SDLC). - Perform security code reviews and assist in the implementation of secure coding...
-
Software Engineer III- SailPoint IdentityIQ
3 days ago
bangalore, India JPMorgan Chase & Co. Full timeWe have an exciting and rewarding opportunity for you to take your software engineering career to the next level. As a Software Engineer III at JPMorgan Chase within the Infrastructure Platforms team, you serve as a seasoned member of an agile team to design and deliver trusted market-leading technology products in a secure, stable, and scalable way....
-
Software Engineer III
5 hours ago
bangalore, India JPMorgan Chase & Co. Full timeWe have an exciting and rewarding opportunity for you to take your software engineering career to the next level. As a Software Engineer III at JPMorgan Chase, you serve as a seasoned member of an agile team to design and deliver trusted market-leading technology products in a secure, stable, and scalable way. You are responsible for carrying out...
-
Software Engineer III
3 days ago
bangalore, India JPMorgan Chase & Co. Full timeWe have an exciting and rewarding opportunity for you to take your software engineering career to the next level. As a Software Engineer III at JPMorgan Chase within the Consumer and Community Banking- JP Wealth Management, you serve as a seasoned member of an agile team to design and deliver trusted market-leading technology products in a secure,...
-
Software Engineer III
7 days ago
bangalore, India JPMorgan Chase & Co. Full timeWe have an exciting and rewarding opportunity for you to take your software engineering career to the next level. As a Software Engineer III at JPMorgan Chase within the Consumer and community banking- JP wealth management, you serve as a seasoned member of an agile team to design and deliver trusted market-leading technology products in a secure,...
-
Sr. Security Engineer, Application Security
4 weeks ago
bangalore, India ADCI - Haryana - D50 Full timeIn Amazon Stores, we ship some of the widest arrays of technology found at any company. From amazon.com to world class machine learning pipelines, from cutting-edge digital healthcare to no-checkout retail, we push the boundaries of technology in every direction using the globe’s largest AWS deployment.As an AppSec engineer, you will collaborate with...
