Skip to main content

Be a part of the company that’s transforming the way merchants do business

We’re a team of inspired problem solvers building powerful, intuitive point-of-sale tools for small and medium businesses. Hardware that’s stylish and functional. Software that scales to any business. We’ve sold over one million Clover devices to restaurants and shops all over the world—and probably in your own neighborhood.

Important Information on Clover’s COVID-19 Vaccination Policy

In order to protect our Clover community, Clover requires all newly hired employees in the United States to be fully vaccinated before their start date. Proof of vaccination will be a condition to hiring. Clover complies with all applicable laws regarding the reasonable accommodation of individuals with disabilities and/or sincerely held religious beliefs.

Apply

Senior Application Security Engineer

Job ID R-10273178 Date posted 08/17/2022

What you will do as an Application Security Engineer:

  • Develop, configure and implement tooling to support DevSecOps processes including SAST, DAST, IAST, and SCA, in partnership with DevOps.
  • Establish application security standards and guidelines for developers.
  • Establish and audit cloud infrastructure security standards.
  • Evaluate application architectures for security related concerns.
  • Champion and enable security-related activities in the software engineering process (e.g., threat modeling, secure coding practices).
  • Assess infrastructure, web and application environments to help identify, and prioritize risks and vulnerabilities.
  • Manage vulnerability backlog, partnering with Product and Engineering to ensure issues are addressed in accordance with SLA.
  • Perform and/or facilitate external audit of cloud architecture specific to security.
  • Perform red team exercises, including internal pen-tests on web applications and infrastructure, and internal social engineering exercises.


Basic Qualifications for Consideration:

  • 5+ years of experience in application security ideally from a software or architecture background.
  • Strong understanding of SAST, IAST, DAST, and SCA tooling in support of DevSecOps.
  • Significant experience with securing cloud architectures preferably in GCP.
  • Experience with performing security architecture and design reviews.
  • Experience implementing a vulnerability management program.
  • Experience with coding/scripting.
  • Experience with threat modeling (STRIDE, DREAD, etc.)
  • Demonstrable experience building strong working relationships with Product, Engineering, Infosec, and GRC.
  • Experience with running or participating in bug bounty programs.

#LI-JI1

#LI-HYBRID


In order to protect our Clover community, Clover requires all newly hired employees in the United States to be fully vaccinated before their start date. Proof of vaccination will be a condition to hiring. Clover complies with all applicable laws regarding the reasonable accommodation of individuals with disabilities and/or sincerely held religious beliefs.

This role is not eligible to be performed in Colorado
Apply
View All of Our Available Opportunities

Benefits & Perks