Full Job Description
Security team at Poshmark is responsible for securing our application platform, cloud infrastructure, and IT systems to protect Poshmark and its 60 million Community members. As an Application Security Engineer, you will collaborate with other security and engineering teams on identifying vulnerabilities in our application while improving visibility and implementing application security best practices throughout SDLC.
Bake security into every stage of the software development lifecycle for Backend/Mobile/Web applications.
Review requirements of new features and systems, perform threat models to come up with security requirements
Identify security gaps and vulnerabilities through SAST, DAST, SCA, threat modeling, design review, code review and penetration testing
Strong web, api, network, mobile and other other penetration testing skills
Understand production infrastructure and provide recommendations to the product to implement end to end product securely
Responsible for providing remediation recommendations and partner with product engineering teams to come up with acceptable solutions
Evaluate and integrate security tools and solutions to improve application security posture
Develop custom tools and automations that enable DevSecOps and SecOps
Understand Poshmark functionality – Applications web, mobile, admin portal and API
Understand Security policies including application security policy, information security policy etc
Understand the business landscape, threats and other issues
Complete one round of penetration testing of application, mobile and web
Start integrating into SDLC to start performing threat models
12+ Month Accomplishments
Fully integrate into SDLC process, covering all aspects of SDLC life cycle
Perform threat models and provide security requirements for new product features
Understand Infrastructure governance and other requirements
Start identifying gaps in the program, automation use cases to reduce false positives and drive efficiently
Take ownership of penetration testing, perform and support bug bounty program
5+ years of professional hands-on experience in application security and penetration testing
Strong foundation of security architecture, protocols, vulnerabilities, and countermeasures.
Strong understanding of secure coding standards and security risks (e.g. OWASP Top 10)
Familiarity with cryptography primitives and fundamentals (e.g. SSL/TLS, PKI)
Ability to juggle multiple responsibilities and prioritize automation over manual process.
Strong attention to detail and accountability under minimal supervision.
Strong growth/automation mindset.
Experience in developing production-level software at scale.
Understanding of AWS infrastructure and security.
Experience in security incident detection and response.
CISSP or equivalent security certification
Poshmark is a leading social marketplace for new and secondhand style for women, men, kids, pets, home, and more. By combining the human connection of physical shopping with the scale, ease, and selection benefits of ecommerce, Poshmark makes buying and selling simple, social, and sustainable. Its community of more than 70 million registered users across the U.S., Canada, and Australia is driving the future of commerce while promoting more sustainable consumption. For more information, please visit www.poshmark.com, and for company news and announcements, please visit investors.poshmark.com. You can also find Poshmark on Instagram, Facebook, Twitter, Pinterest, and YouTube.
At Poshmark, we’re constantly challenging the status quo and are looking for innovative and passionate people to help shape the future of Poshmark. We’re disrupting the industry by combining social connections with e-commerce through data-driven solutions and the latest technology to optimize our platform. We’re nothing without our amazing team who deliver an unparalleled social shopping experience to the millions of people we connect each day.
We built Poshmark around four core values:
1) Focus on People to create empowered communities that drive success;
2) Together we Grow to support each other to strive for our dreams;
3) Lead with Love to foster genuine connections built upon a foundation of respect; and
4) Embrace your Weirdness to accept and empower one another on their own unique journey.
We’re invested in our team and community, working together to build an entirely new way to shop. That way, when we win, we all win together. Come help us build the most connected shopping experience ever.
Here’s what we’ll set you up with:
A team that is invested in your career growth and development
Company sponsored insurance
Work alongside world-class talent
Flexible vacation / paid time off policy
Healthy and exciting catered lunches, snacks and beverages offered daily
Personal style encouraged (or not, whatever you’re in to)
Fun company happy hours, parties, and offsite events
Poshmark is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.
Job Description Job Description: The Client Customer Enabling team is enabling its customers on various ingredients/IPs for their launch. We...Apply For This Job
About the Company:Indglobal Digital is the Premier partner for Enterprises and Startups in Accelerating their Digital adoption and transformation. Whether...Apply For This Job
System Architect – JD Description A System Architect works closely with the Requirements, Mechanical, Electrical, Safety and Systems team to...Apply For This Job
Full-time4 hours ago Full Job Description The Site Reliability Engineer will be part of a horizontal function that is responsible...Apply For This Job
Full-time16 hours ago Full Job Description Overview: Join a dynamic team that designs, develops and supports software solutions to the...Apply For This Job
13 hours ago Full Job Description Technical Developer, GFO GTS – Business Intelligence-21000GBF Applicants are required to read, write, and...Apply For This Job