Senior Application Security EngineerWebflow • Saint Paul, Illinois, United States
Dieses Stellenangebot ist nicht mehr verfügbar
Senior Application Security Engineer
Webflow
- Saint Paul, Illinois, United States
- Saint Paul, Illinois, United States
Über
We’re looking for a Senior Application Security Engineer to help us level up Webflow’s secure development practices ranging from secure coding, tooling, and improving procedures.
About the role:
Location: Remote‑first (United States; BC & ON, Canada)
Full‑time
Permanent
Exempt
Compensation:
United States:
Zone A: $158,000 - $238,000
Zone B: $149,000 - $224,000
Zone C: $139,000 - $210,000
Canada:
$199,000 - $250,000
This role is also eligible to participate in Webflow's company‑wide bonus program. Target amounts are a percentage of base salary and vary by career level. Payouts are based on company performance against established financial and operational goals.
Reporting to the Sr. Manager, Application Security
As a Senior Application Security Engineer, you’ll…
Collaborate with the Webflow engineering team to secure Webflow’s web application platform and ecosystem.
Bring security best practices to the software development lifecycle.
Work as part of a team to champion security standards while balancing business strategies and requirements.
Support Webflow’s security current and future compliance frameworks.
Work to find security vulnerabilities through grey‑box techniques, and propose solutions at the architecture and code level to mitigate findings.
Contribute code and architecture improvements to enable security within Webflow’s application for engineers.
Cross‑train entry‑level application security engineers.
In addition to the responsibilities outlined above, at Webflow we will support you in identifying where your interests and development opportunities lie and we'll help you incorporate them into your role.
About you: Requirements:
BA/BS degree or equivalent experience
5+ years of application security experience , including
hands‑on software development , and have worked on securing
high‑complexity, large‑scale applications .
You have experience in
secure software design, secure coding, and modern web application security , with ability to
identify security design flaws and business‑logic vulnerabilities , and to
drive risk‑based remediation
with engineering teams.
You have led
threat modeling efforts , and/or conducted
penetration testing , or
manage third‑party pentests , ensuring findings are clearly documented, communicated, and remediated to completion.
You have
managed one or more of application security programs or tooling initiatives such as SCA Supply Chain, SAST, DAST and/or led bug bounty programs .
You have
contributed to security controls within large‑scale solutions , including
designing and/or delivering security features directly into applications
(e.g., authorization models, security controls, or admin‑level protections) in close collaboration with engineering and partner orgs.
You have experience
using and building automation that leverage agentic AI , including applying AI coding agents to scale security reviews, detection, and automation responsibly.
You have participated in
response efforts for application security incidents , from triage and containment through remediation and post‑incident improvements.
Stay curious and open to growth — actively building fluency in emerging technologies like AI to unlock creativity, accelerate progress, and amplify impact.
Our Core Behaviors:
Build lasting customer trust.
We build trust by taking action that puts customer trust first.
Win together.
We play to win, and we win as one team. Success at Webflow isn't a solo act.
Reinvent ourselves.
We don't just improve what exists, we imagine what's possible.
Deliver with speed, quality, and craft.
We move fast because the moment demands it, and we do so without lowering the bar.
Benefits & wellness
Equity ownership (RSUs) in a growing, privately‑owned company
100% employer‑paid healthcare, vision, and dental insurance coverage for full‑time employees (working 30+ hours per week) and their dependents. Full‑time employees may also be eligible for voluntary insurance options where applicable in the respective country of employment
12 weeks of paid parental leave for both birthing and non‑birthing caregivers, as well as an additional 6‑8 weeks of pregnancy disability leave for birthing parents to be used before child bonding leave (note: where local requirements are more generous, employees receive the greater benefit); full‑time employees also have access to family planning care and reimbursement
Flexible PTO for all locations and sabbatical program
Access to mental wellness and professional coaching, therapy, and Employee Assistance Program
Monthly stipends to support work and wellness
401k plan or pension schemes (in countries where statutorily required), and other financial wellness benefits, like CPA and financial advisor coverage
Temporary employees may be eligible for paid holiday and time off, statutory leaves of absence, and company‑sponsored medical benefits depending on their Fixed Term Contract and their country/state of employment.
Remote, together At Webflow, equality is a core tenet of our culture. We are an Equal Opportunity (EEO)/Veterans/Disabled Employer and are committed to building an inclusive global team that represents a variety of backgrounds, perspectives, beliefs, and experiences. Employment decisions are made on the basis of job‑related criteria without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other classification protected by applicable law. Pursuant to the San Francisco Fair Chance Ordinance, Webflow will consider for employment qualified applicants with arrest and conviction records.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Upon interview scheduling, instructions for confidential accommodation requests will be administered.
To join Webflow, you'll need a valid right to work authorization depending on the country of employment.
If you are extended an offer, that offer may be contingent upon your successful completion of a background check, which will be conducted in accordance with applicable laws. We may obtain one or more background screening reports about you, solely for employment purposes.
#J-18808-Ljbffr
Sprachkenntnisse
- English
Hinweis für Nutzer
Dieses Stellenangebot wurde von einem unserer Partner veröffentlicht. Sie können das Originalangebot einsehen hier.