Senior AppSec Engineer
As a Senior Application Security Engineer at Meraki, you will be a key member of a team that prevents, finds, and fixes vulnerabilities in our products, services, and enterprise. You will partner with teams across the organization to perform security assessments, architecture reviews, and promote secure development practices. You will seek opportunities to build security into development pipelines and capture the data you need to understand the security posture of our systems.
Meraki Security Engineers affect change across the entire stack, from the UI and backend to the device firmware. By acting as a guardian of our customers’ networks and deployments, you will have a direct, immediate, and significant impact on our customers and the hundreds of millions of users who rely on Meraki access points, switches, security appliances, cameras, and mobile device management solutions every single day.
At Meraki, we are passionate about building real products that our customers love! We believe in fostering a positive culture by hiring, mentoring, and empowering smart, helpful, humble people and providing equal opportunities for all employees to thrive. With the support of management, we constantly look within for ways to improve organizationally. We maintain a positive relationship with Cisco that gives us the stability and resources of a larger company without sacrificing our startup vibe. We are confident you will love it here!
Example projects for a senior application security engineer:
- Perform architecture and code review of complex cloud-based systems
- Lead cloud, web, and mobile application security assessments
- Collaborate with development teams to build secure Terraform and cloud-native CI/CD pipelines
- Develop scalable automated security tools and frameworks that integrate into our vulnerability management program
- Work with engineers and technical leaders to help prioritize and remediate vulnerabilities
- Collaborate with software engineers across product teams to refine the security of our cloud technologies and deployment practices
You are an ideal candidate if you:
- Have 5+ years of experience in application security testing and architecture review
- Performed security assessments targeting web applications, mobile applications, and public cloud infrastructures
- Feel comfortable using Linux and statically analyzing code written in high-level languages, such as Ruby, Python, Scala, Golang, or JavaScript
- Understand and recognize common vulnerability types, including SQL/command injection, XSS, CSRF, and SSRF
- Proven knowledge of containers and cloud-native security with a thirst for knowledge
- Have a background in software development or source code review
- Have a deep understanding of key security concepts such as authentication, authorization, encryption, role-based access control, and security by design
- Have the ability to explain sophisticated security problems and provide expert advice on secure design practices
Bonus points for:
- Experience hacking connected devices and IoT ecosystems
- Windows, and MacOS based app security expertise
- A BS/MS/Ph.D in Computer Science, Computer Engineering, Information Security, Security Engineering, or a STEM field
Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.
At Cisco Meraki, we’re challenging the status quo with the power of diversity, inclusion, and collaboration. When we connect different perspectives, we can imagine new possibilities, inspire innovation, and release the full potential of our people. We’re building an employee experience that includes appreciation, belonging, growth, and purpose for everyone.