Staff Application Security Engineer

Meet Upside:

We created Upside to transform brick-and-mortar commerce. Our technology uses the sophistication of online retail—profit measurement, attribution, and incrementality—to provide users with more value on their everyday purchases and brick-and-mortar businesses with new, profitable customers. We’ve helped millions of users earn 2 to 3 times more cashback than any other product, and hundreds of thousands of brick-and-mortar businesses earn measurable profit. Billions of dollars in commerce run through the Upside platform every year, and that value goes directly back to our retailer partners, the consumers they serve, and important sustainability initiatives.

The Impact You’ll Make:

You’ll report into the Director, Information Security and build relationships with technology stakeholders. You’ll leverage your knowledge of secure code practices and payment systems to identify and remediate application vulnerabilities. This individual contributor role will innovate for our AppSec team, increase our AppSec posture and enable our engineers to code safely.

- Innovate with AI and deliver security solutions to mitigate application vulnerabilities

- Run security code tests (SAST, SCA) and partner with engineers to remediate unsafe code

- Create threat models and engage technology teams to review and document risks

- Guide leadership on security architecture, design and best AppSec practices

- Train and upskill engineers on safe coding and vulnerability management

- Assist penetration testing initiatives and/or help manage bug bounties

- Support administration of AWS Control Tower and IAM provisioning

- Interact with the security community and keep aware of trends

What You Should Have:

- 6+ years of application or product security inclusive of reviewing Python code

- Experience with innovating and delivering solutions related to vulnerability management

- Deep knowledge of AWS and Lambda security architecture and AWS Control Tower

- Str...