As an application security engineer, you will own the end-to-end security design of Moveworks' AI infrastructure, platform, and features. You will be tasked with designing and implementing security solutions and practices that allow our engineering teams to build secure infrastructure and features at scale.
We're building a team that indexes on moving fast, solving challenging product/engineering problems and providing value to our customers. To be successful, you'll be partnering with machine learning, search, product, infrastructure, data, and full stack teams to identify, define and build elegant security solutions. This is an opportunity to play an integral role at the fastest-growing AI startup in its space.
Who we are:
Moveworks is revolutionizing how companies support their employees — with the first AI platform that makes getting help at work effortless. Using advanced conversational AI built for the enterprise, Moveworks gives employees exactly what they need, from IT support to HR help to policy information. Our platform allows customers like Snowflake, Slack, DocuSign, LinkedIn, Instacart, Illumina, Epic Games, Hearst Media to move forward on what matters.
Founded in 2016, Moveworks has raised $315 million in funding, at a valuation of $2.1 billion. We’ve been named to the Forbes AI 50 list for three consecutive years, while earning recognition as the Best Chatbot Solution at the 2021 AI Breakthrough Awards. Above all, we’ve built an AI company that puts people first, which is why both Inc. and the San Francisco Business Times called Moveworks one of the Best Workplaces of 2021.
Come join one of the fastest-growing teams on the planet!
What you'll do:
- Lead security and privacy engineering initiatives. Closely work with machine learning, search, product, infrastructure, data, and frontend teams to design solutions that are inherently secure.
- Be a security subject matter expert and help teams make right calls for security related matters.
- Participate in design discussions and data handling reviews. Perform risk assessments and risk exceptions.
- Architect and build out common security solutions, libraries, and frameworks that other teams can leverage to implement best security practices in their features and infrastructures.
- Analyze and provide observability into the security of infrastructure, platform, and features by building tools and tests.
- Define key security metrics and measure the effectiveness of application security initiatives.
What you bring to the table:
- 4+ years of experience in evaluating, designing, implementing, and supporting security-focused distributed services and platforms
- Experience working across teams to identify security risks, develop mitigation plans, and implement security features and solutions
- Experience with / good understanding of OS / network security, application security, authentication, authorization, identity systems, encryption, and secure coding practices
- Experience operating in environments with compliance requirements (SOC2, HIPAA, ISO27001, etc.)
- Experience with cloud infrastructure like AWS / GCP / Azure
- Software development proficiency with Python, Golang, Java, or C++
- Desire to work at a startup pace in a small company with a high degree of ownership
- Strong motivation, gumption, and an appetite for continuous, incremental changes and completing challenging projects fast
- High level of curiosity about engineering outside of your immediate discipline and an incessant desire to learn
- BS+ in computer science or a related field, or equivalent relevant experience