Senior Application Security Engineer

Chicago

SpotHero is seeking a Senior Engineer focused on Application Security to join our Engineering team. The Senior Application Security Engineer works closely with development teams, engineering and product managers and third-party groups (including the paid bug bounty program and security auditors) to identify and remediate security vulnerabilities in SpotHero’s products and practices.


In this role, you are ideally someone who likes digging deep into infrastructure and code to find and fix the root cause of security vulnerabilities. You enjoy working with engineers of all disciplines and technology stacks, both to achieve your goals and to educate others. You’ll be contributing to projects that are highly visible to our executive team.


Who we are:

SpotHero is one of transportation's hottest tech companies! We’re rapidly growing with the mission of bringing the parking industry into the future through technology. Drivers across the nation use the SpotHero mobile app or website to reserve convenient, affordable parking on-the-go or in advance, and parking companies rely on us to help them reach new customers while optimizing their business. We connect the dots with cutting-edge technology, delivering value to both sides of this exciting, evolving marketplace.


What will you do:

  • Work with our analytics, marketing and data science teams to understand our data processing needs.
  • Be a key hands-on contributor to the design and implementation of our data platform solutions from the infrastructure layer up to the API.
  • Model and architect our data in a way that will scale with the increasingly complex ways we’re analyzing it.
  • Build robust pipelines that make sure data is where it needs to be, when it needs to be there.
  • Build frameworks and tools to help our software engineers, data analysts, and data scientists design and build their own data pipelines in a self-service manner.
  • Performance testing and engineering to ensure that our systems always scale to meet our needs.
  • Be a key member of the team focused on pure hands-on contribution to the implementation and operation of our data platform.

Key Responsibilities: 

  • You run web application security audits and tests against our applications and infrastructure.
  • You research and verify reported security vulnerabilities in our applications and infrastructure.
  • You educate software developers on common vulnerabilities and measures they can take to prevent them in their applications.
  • You deploy and maintain code scanning tools.
  • You audit our application and infrastructure security settings.

Your experience:

  • Knowledge of security libraries, security controls, and common security flaws.
  • Basic development and debugging skills in a modern web application language. Python is preferred.
  • Ability to work in all areas of the tech stack, including infrastructure through the application layer to client libraries.
  • Experience with OWASP Top 10 and the CVE program.
  • Familiarity with cloud security controls and best practices. Experience with Amazon Web Services (AWS) is preferred but not required.
  • Familiarity with setting up and using static and dynamic code analysis, container auditing tools, or other tools incorporated in the software development lifecycle.
  • Experience with a security information and event management (SIEM) tool (e.g. SumoLogic).
  • Experience with web application security testing tools (e.g. Burp Suite).

Nice to Haves:

  • Certified Secure Software Lifecycle Professional (CSSLP).
  • Certified Ethical Hacker (CEH).

Technology we use:

  • IDEs, debuggers, open-source tools, Burp Suite.
  • Python/Django.
  • Amazon Web Services (AWS): Identity Access Management (IAM), Virtual Private Cloud (VPC).
  • Kubernetes, SumoLogic, Terraform
  • Confluence, Jira, Google GSuite

What we are offering:

  • Career game changer – A truly unique experience to work for a fast-growing startup in a role with unlimited potential for growth.
  • Excellent benefits – 
    • In the US we cover up to 90% of Medical Premiums, 50% of Dental & Vision Premiums, company sponsored Life Insurance, 401K, and generous parental leave. 
    • In Canada we offer Medical (prescription drug and paramedical coverage), Dental, Vision, Life Insurance, STD and LTD.
  • Flexible PTO policy and great work/life balance – We value and support each individual team member.
  • Annual parking stipend – we help people park!
  • The opportunity to collaborate with fun, innovative, and passionate people in a casual, yet highly productive atmosphere.
  • A workplace recognized as the Best Consumer Web Company by Built in Chicago, Top Company Culture by Entrepreneur, a Top Workplace by Chicago Tribune, and one of Chicago’s Best Places to Work for Women Under 35 by Crain’s Chicago Business. 

Steps to apply: Please include any GitHub account, LinkedIn profile, and any project that you’re particularly proud of. We love seeing work that others loved working on.


SpotHero is an equal opportunity employer.  We know that a diverse workforce is the strongest workforce, and are committed to building and supporting an inclusive environment for all.


PLEASE NOTE: This position is ineligible for visa sponsorship.  To be considered for this role, you must be legally authorized to work in Canada or the US and not require sponsorship for employment now or in the future.


Technology we use

  • Languages: Java, Javascript, Python, Scala
  • Libraries: React
  • Frameworks: Django
  • Databases: Hive, MySQL, PostgreSQL, Redis
  • Analytics: Google Analytics, Mixpanel, Optimizely
  • Design: Axure, Illustrator, InVision, Photoshop, Sketch
  • Management: Confluence, JIRA, Smartsheet, Trello
  • CMS: Wordpress
  • CRM: Salesforce, Braze
  • Email: MailChimp, Mandrill, Oracle Responsys
  • Lead Gen: Marketo

Location

Our brand new, custom built office is located in the heart of the Loop, close to the Brown, Orange, Pink, Purple, and Red Lines.

An Insider's view of SpotHero

What’s the vibe like in the office?

There's a lot of collaboration and positive energy throughout the entire day at SpotHero. There are a lot of funny people that work at SpotHero; it's hard to get through the day without a few genuine hearty laughs, which is a really fun way to take a break from being nose deep in a project.

Michelle

Account Executive

How does the company support your career growth?

There’s so much room to grow at SpotHero. From the very beginning, I was encouraged to think about my career goals and steps I could take towards achieving them. I recently made the transition to a new team, and everyone has been incredibly supportive as I learn a new skill set and look to further grow my career!

Maggie

Digital Marketing Specialist

What is your vision for the company?

I joined SpotHero to contribute to the future of mobility as I imagine walking down the street with my pre-school aged children one day and being able to point out aspects of the mobility ecosystem that I played a role in building. In this vein, I believe SpotHero will emerge as the platform that powers the last quarter mile of mobility.

Paolo

VP, Vertical Business Teams

What are SpotHero Perks + Benefits

SpotHero Benefits Overview

We offer our employees a way to find community through Employee Resource Groups. We currently have six different established groups and evaluate offerings on a semi-annual basis.

In the US we cover up to 90% of Medical Premiums, 50% of Dental & Vision Premiums, company-sponsored Life Insurance, 401K, and generous parental leave.

Flexible PTO policy and great work/life balance – We value and support each individual team member.

Annual parking stipend – we help people park!

Culture
Volunteer in local community
SpotHero participates in local volunteer activities such as installing art galleries in elementary schools with I Paint My Mind and building homes with the House That Tech Built.
Partners with Nonprofits
Through our monthly bake sales we partner with nonprofits such as C.A.R.E. Animal Rescue, Center on Halsted, and ALIVE rescue.
Friends outside of work
Eat lunch together
Intracompany committees
SpotHero has culture committees that promote wellness and diversity and inclusion.
Open door policy
Open office floor plan
Diversity
Dedicated Diversity/Inclusion Staff
Unconscious bias training
Mean gender pay gap below 10%
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
We cover Short Term Disability at no cost to you.
Dental Benefits
Our competitive Dental plan is through Guardian. Our plan has a unique rollover benefit to encourage plan use. In addition to child orthodontia, we are proud to offer adult orthodontia coverage!
Vision Benefits
Our vision plan is through Guardian through VSP Choice Network. Our plan has a low co-pay for your annual exam and includes an annual stipend for lenses or frames.
Health Insurance Benefits
Our medical plans are through Blue Cross Blue Shield, and we offer a High Deductible Health Plan with no employee payroll contribution required. We also contribute to HSA accounts on your behalf.
Life Insurance
SpotHero covers Life & AD&D coverage, up to 100% of your salary, at no cost to you.
Wellness Programs
Team workouts
SpotHero sponsors an annual fitness challenge where employees can participate in hydration, sleep, and fitness challenges.
Retirement & Stock Options Benefits
401(K)
You’ll have the opportunity to take advantage of traditional and Roth savings options with financial advisers at Fidelity Investments who are ready to assist with your retirement planning.
Company Equity
Child Care & Parental Leave Benefits
Generous Parental Leave
We provide three months of parental leave for all employees.
Remote Work Program
Family Medical Leave
Vacation & Time Off Benefits
Unlimited Vacation Policy
Paid Volunteer Time
Paid Holidays
Paid Sick Days
Perks & Discounts
Casual Dress
Commuter Benefits
Company Outings
Game Room
Stocked Kitchen
Some Meals Provided
Happy Hours
Parking
Professional Development Benefits
Job Training & Conferences
Diversity Program
Lunch and learns
Promote from within
Mentorship program
Time allotted for learning
Customized development tracks

Additional Perks + Benefits

  • Fantastic Eats - Take a break and enjoy some grub with the team, catered weekly from your favorite Chicago spots. For a midday pick me up, choose from our endless variety of snacks or our cold brew on tap.
  • Team Events - From WhirlyBall and ice skating to rooftop happy hours and spontaneous ice cream parties - we're always looking for new ways to have fun together!
  • Casual Work Environment - Be comfortable while you work. Take a nap if you need it or squeeze in a few yoga poses between meetings.
  • Employee Wellness Program - We encourage work/life balance through financial wellness talks, meditation sessions, and mind & body nutrition education. Plus, we encourage our team to get out and give back to our local community.
  • Professional Development - We support personal and professional development through mentorship programs, diversity & inclusion trainings, and learning how to work with one another based on our personality types.
