Skip to main content
Back to jobs

Staff AppSec Engineer

External
upside logoUpside · Washington, DC
$210K–$230K/yrFull-timeRemote1d ago
AccessibilityApplication SecurityAWSDynamoDBGitHubGitHub Actions
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role

Benefits

Medical, dental, and vision coverage starting on Day 1Equity (ISOs)401(k) programFamily planning programs + paid parental leavePhysical fitness and wellness membershipsEmotional and mental health support programsUnlimited PTO + 10 paid federal holidays + our annual, week-long Winter BreakFlexible work environmentLunch reimbursement for in-office employeesEmployee Resource GroupsLearning and Development stipendTransparent cultureAmazing mission!Diversity and Inclusion:If there's anything we can do to support a disability or special need during your application or interview process, please email accommodations@upside.com.This email is for accessibility accommodations only, it should not be used to submit job applications.Notice To Recruiters And Placement Agencies:This is an in-house search with a dedicated recruiter. Please do not submit resumes to any person or email address at Upside. Upside is not liable for, and will not pay, placement fees for candidates submitted by any party or agency other than its approved recruitment partners.Health insuranceDental insuranceVision insurance401(k)Paid time offRemote work optionsFlexible scheduleEquity / stock optionsParental leave

Additional Information

Meet Upside: We created Upside to transform brick-and-mortar commerce. Our technology uses the sophistication of online retail-profit measurement, attribution, and incrementality-to provide users with more value on their everyday purchases and brick-and-mortar businesses with new, profitable customers. We've helped millions of users earn 2 to 3 times more cashback than any other product, and hundreds of thousands of brick-and-mortar businesses earn measurable profit. Billions of dollars in commerce run through the Upside platform every year, and that value goes directly back to our retailer partners, the consumers they serve, and important sustainability initiatives. The Impact You'll Make: You'll report to the Director of Information Security and partner closely with engineering and technology stakeholders across the organization. Drawing on your expertise in secure development practices and payment systems, you'll own the identification and remediation of application vulnerabilities end-to-end. This is an individual contributor role with real influence, you'll shape how our AppSec program evolves, raise the security bar across our engineering org, and make it easier for developers to build securely from the start. Leverage AI tools to design and deliver scalable security solutions that address application vulnerabilities Execute automated security testing (SAST, SCA) and work directly with engineers to resolve findings Develop threat models and collaborate with product and engineering teams to surface, document, and prioritize risk Advise leadership on security architecture decisions and application security best practices Build developer security literacy through training, enablement, and vulnerability management guidance Participate in penetration testing efforts and support bug bounty program operations Contribute to the administration of AWS Control Tower and IAM provisioning workflows Stay current with the broader security community and bring emerging trends back to the team What You Should Have: 6+ years in application security or product security, including hands-on experience reviewing Python code A track record of building and delivering solutions in vulnerability management programs Deep expertise in AWS security architecture, including Lambda and AWS Control Tower Demonstrated experience adopting and integrating AI tools into security or engineering workflows Bachelor's degree in Computer Science, Engineering, or a related field preferred Strong communication and collaboration skills - you're as comfortable with engineers as you are with leadership Tools We Use: GitHub Advanced Security, GitHub Actions, GitHub Copilot Python Terraform AWS (Lambda, DynamoDB, S3, SNS, SQS, IAM, VPCs) ChatGPT Snowflake SQL Location: Remote

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at upside? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect