Webflow

Staff Application Security Engineer

Webflow

full-time

Posted on:

Location Type: Remote

Location: CaliforniaUnited States

Visit company website

Explore more

AI Apply
Apply

Salary

💰 $164,000 - $247,000 per year

Job Level

Lead

Tech Stack

SDLC

About the role

  • Collaborate with the Webflow engineering team to secure Webflow’s web application platform and ecosystem.
  • Bring security best practices to the software development lifecycle.
  • Champion security standards while balancing business strategies and requirements.
  • Support Webflow’s security compliance frameworks
  • Find security vulnerabilities through grey-box techniques
  • Propose solutions at the architecture and code level.
  • Contribute code and architecture improvements to enable security within Webflow’s application.
  • Cross-train entry and mid-level application security engineers.

Requirements

  • BA/BS degree or equivalent experience
  • 7+ years of application security experience
  • Hands-on software development experience
  • Technical authority in securing high-complexity, large-scale applications
  • Deep expertise in secure software design, secure coding, and modern web application security
  • Proven ability to identify security design flaws and complex business-logic vulnerabilities
  • Experience leading threat modeling efforts
  • Conduct and oversee advanced penetration testing
  • Manage third-party pentests
  • Designed, implemented, and evolved software supply chain security programs
  • Owned or led bug bounty programs and major security tooling initiatives
  • Implemented and improved Secure Development Lifecycle (SDLC) processes at scale
  • Driven multi-quarter application security roadmaps and complex security programs
  • Led security initiatives within large-scale solutions
  • Experience using and building security solutions that leverage agentic AI
  • Participated in and led response efforts for application security incidents
  • Actively mentor and elevate other application security engineers
  • Passion for security and continuous learning
  • Ability to explain complex security concepts clearly.
Benefits
  • Ownership in what you help build.
  • Health coverage that actually covers you.
  • Support for every stage of family life.
  • Time off that’s actually off.
  • Wellness for the whole you.
  • Invest in your future.
  • Monthly stipends that flex with your life.
  • Bonus for building together.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
application securitysecure software designsecure codingpenetration testingthreat modelingSecure Development Lifecycle (SDLC)bug bounty programssoftware supply chain securitysecurity vulnerabilitiesagentic AI
Soft Skills
collaborationleadershipmentoringcommunicationproblem-solvingcontinuous learningbalancing business strategiesexplaining complex concepts
Certifications
BA/BS degree