Senior Application Security Engineer (Remote)
At Cisco Meraki, we know that technology can connect, empower, and drive us. Our mission is to simplify technology so our customers can focus on what's most meaningful to them: their students, patients, customers, and businesses. We’re making networking easier, faster, and smarter with technology that simply works.
As a senior member of the Application Security team, you will have a substantial impact on the security of millions of Cisco Meraki users all around the world. We are looking for people who are as passionate about finding and helping teams identify fixes for vulnerabilities as they are about building full stack security tools to help prevent such issues.
Key responsibilities:
- Partner with the greater security team as well as our product and infrastructure teams to build scalable and user-friendly security tooling, such as:
- CI/CD integrated static analysis
- Fuzzing frameworks
- Offensive security testing infrastructure in AWS
- Build seamless integrations between our tools, Meraki’s development stack, and the broader Cisco security infrastructure
- Discover and triage vulnerabilities via code audits, fuzzing, and static analysis
- Work with and support other engineering teams to fix vulnerabilities found internally and by researchers through our bug bounty program
You are an ideal candidate if you:
- Have 5+ years of full stack development experience in Ruby or Python
- Have an excellent working knowledge and ability to educate others on common vulnerability types, including SQL/command injection, XSS, CSRF, and SSRF
- Have experience in web, database, information and/or infrastructure security
- Know and love learning about the latest security tools, infrastructure, and industry best practices
- Have experience developing in a hybrid environment utilizing AWS or other cloud providers
- Enjoy working across and being a resource for other engineers and sharing your knowledge of secure coding practices
- Are excited to champion security as a first-class concern
Bonus points for:
- Penetration testing or security architecture experience
- Experience with IoT platforms, large-scale distributed systems, and/or client-server architectures
- Proven ability to ship in a dynamic environment
About Meraki
At Meraki we are driven by the desire to make managing sophisticated networks simple. Our firmware combined with a web-based dashboard allows customers to manage enterprise scale networks using a simple point and click interface. We are passionate about building real products that our customers love. We believe in fostering a positive culture by hiring, coaching, and empowering smart, helpful, humble people. With the support of management, we constantly look within for ways to improve organizationally. Finally, we maintain a positive relationship with Cisco that gives us the stability and resources of a larger company without sacrificing our startup vibe—including an awesome office overlooking the Bay Bridge, stocked full of food and drinks.
Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.
At Cisco Meraki, we’re challenging the status quo with the power of diversity, inclusion, and collaboration. When we connect different perspectives, we can imagine new possibilities, inspire innovation, and release the full potential of our people. We’re building an employee experience that includes appreciation, belonging, growth, and purpose for everyone.