Job Description

Webflow is seeking a Staff Application Security Engineer to enhance secure development practices, focusing on secure coding, tooling, and improved procedures. The role involves collaborating with the engineering team to secure the web application platform, implementing security best practices, and contributing to security compliance frameworks.

Responsibilities

• Collaborate with the engineering team to secure Webflow's web application platform and ecosystem
• Bring security best practices to the software development lifecycle
• Champion security standards while balancing business strategies and requirements
• Support Webflow’s security current and future compliance frameworks
• Find security vulnerabilities through grey-box techniques and propose solutions
• Contribute code and architecture improvements for engineers
• Cross-train entry and mid-level application security engineers

Requirements

• 7+ years of experience in application security, including 2+ years of software development focused on security
• Expertise in secure software design, secure coding, and web application security
• Experience with Threat Modeling, penetration testing, and identifying high-complexity application vulnerabilities
• Experience with software supply chain security and leading bug bounty programs
• Experience implementing and improving secure development lifecycle (SDLC) processes
• Experience leading complex security projects and roadmaps
• Experience mentoring other application security engineers

Benefits

• No benefits