Senior Application Security Engineer

About GlossGenius

GlossGenius is building an ecosystem enabling entrepreneurs to succeed.  We empower small business owners to focus on being creators, not admins, by offering a range of business management tools including booking and scheduling, marketing, analytics, payment processing and much more. 

Over 100,000 small business owners have chosen to rely on GlossGenius every day to run their entire set of business operations. Joining its powerful, intuitive platform with its vibrant, distinguished brand, GlossGenius is the ideal combination of a fintech, SMB software, and consumer company all in one.

About the Role
We are hiring a Senior Application Security Engineer to join our Foundations Engineering team at GlossGenius. In this role, you'll play a critical role in shaping the security of our entire product portfolio. This is a high-visibility position where you'll act as a frontline security voice for our engineering and product teams. You’ll work closely with engineers and product managers to ensure security is a core part of how we build, from the very first design discussions.

You must be commutable to our NYC or SF office. We default to being in-office 3-4 days per week with required attendance on Tuesdays and Thursdays.

What You’ll Do:

• Design Review: You'll act as the initial security point of contact for engineering and product teams. You will conduct security-focused architectural reviews and threat modeling to identify and address vulnerabilities, working directly with development teams to find and fix issues.
• Policy & Process Adjustments: You will contribute to the development of our security policies and standards. This includes creating secure coding guidelines, building automated tools to prevent common security issues, and collaborating with development teams to embed security into CI/CD pipelines.
• Vulnerability Management: Own our end-to-end vulnerability management program. This includes deploying scanning tools across our engineering organization, triaging security vulnerabilities, and supporting the ongoing development of the program's tools and processes to prevent common security issues.
• Vendor Evaluation: Help improve our security program by evaluating new security vendors. This includes running evaluations, coordinating demos, piloting tools internally, and making recommendations on which solutions best fit our needs.

What We’re Looking For:

• 5+ years of experience in application or product security roles, preferably in high-growth, cloud-native environments
• Strong ability to collaborate effectively with software development teams
• Experience performing architecture reviews/threat models for custom software
• Excellent communication skills, both written and verbal, with the ability to clearly explain complex topics.
• Familiarity with common security libraries and tools, such as static analysis and penetration testing tools.
• Understanding of common security vulnerabilities and mitigation strategies (e.g., OWASP Top 10).
• Basic development or scripting skills.
• Fundamental knowledge of network and web protocols (e.g., TCP/IP, HTTP, HTTPS).
• Willingness to participate in on-call rotations as needed.
• A proactive approach to managing projects from start to finish with a focus on outcomes.

Benefits & Perks 

• Flexible PTO
• Competitive health & dental insurance options, with premiums partially or fully covered by GG
• Fertility and adoption benefits via Carrot
• Generous, fully-paid parental leave policy
• 401k benefit - employees are eligible to contribute starting day 1 of employment
• Professional Development - employees receive a yearly stipend for approved learning and educational-related expenses
• Pre-tax commuter benefits
• Dependent Care FSA
• Home office support
• Team Bonding opportunities - as a distributed team, being able to build meaningful bonds both virtually and in person is incredibly important to us! We are constantly evaluating how we accomplish this and currently, teams are given opportunities to gather in person throughout the year

The starting base salary for this role in New York and California is between $180,000-$230,000+ target equity + benefits. The base salary offered is dependent upon many factors including skills, experience, location, and education. The base pay range is subject to change and may be modified in the future.  Additionally, this role is currently eligible to participate in GlossGenius’s equity plan as well as a range of health & wellbeing, retirement savings, and other benefits within our total rewards offering.

At GlossGenius, we celebrate our differences and are committed to creating a workplace where all employees feel supported and empowered to do their best work. We believe this benefits not only our employees but our product, customers, and community as well. GlossGenius is proud to be an Equal Opportunity and Affirmative Action Employer.