Staff Application Security Engineer - Dropbox

View Company Profile

Job Title: Staff Application Security Engineer
Job Location: Remote - US: Arizona; Colorado; Florida; Georgia; Illinois; Massachusetts; Maryland; North Carolina; Oregon; Tennessee; Texas; Virginia; Washington DC; Los Angeles, CA; San Diego, CA; Irvine, CA
Job Listing URL: https://jobs.dropbox.com/listing/4733470?gh_jid=4733470
Job Description: Role Description

As part of the Application Security team, you’ll be working to reduce risk across Dropbox. We partner with engineering and product teams during each point of the software development lifecycle (SDLC) and help drive broader security initiatives across Dropbox.

Application Security Engineers provide security impact by developing secure-by-default libraries and frameworks that teams across Dropbox can frictionlessly integrate into their products. They also offer their expertise on security matters through cross-team consultations that cover design and threat modeling, as well as through documentation and educational initiatives.

Responsibilities

Act as a subject matter expert on application security domains involving web, mobile, and desktop platforms

Conduct security consultations on new and existing products, and be able to communicate complicated issues to non-technical audiences

Improve upon and further integrate the Secure Development Lifecycle (SDLC) into product design and engineering efforts

Empower secure-by-default development by shipping libraries and frameworks that address classes of vulnerabilities at scale

Assist with code reviews to proactively identify potential vulnerabilities, and follow-up with tooling to prevent future vulnerabilities

Requirements

10+ years experience in application security engineering

BS degree in Computer Science or related technical field involving coding (e.g., cybersecurity), or equivalent technical experience

Strong communication skills and relationship building skills

Experience in architecting and building application security on modern tech stacks across multiple platforms (web, mobile, desktop)

Experience in building and scaling the Secure Development Lifecycle

Experience with threat modeling and handling vulnerability reports

Experience partnering with cross-functional engineering and product teams

Be able to demonstrate software development experience

Total Rewards

Our Engineering Career Framework is viewable by anyone outside the company and describes what’s expected for our engineers at each of our career levels. Check out our blog post on this topic and more here.

At Dropbox, we strive to be a great place for all Dropboxers to grow and be recognized for that growth. This job posting reflects broad requirements, and represents two potential levels of role. Through our assessment process, we will identify your level that ties to compensation based on your experience and technical expertise along with the scope of the role.

For candidates hired in the following locations: Austin (TX) metro, Chicago metro, Colorado, Massachusetts, Maryland, Oregon, Washington D.C. metro, California (outside SF metro), the expected salary/On-Target Earnings (OTE) range for the role is currently $195,800 - $230,400 - $265,000 if you are assessed at the IC4 level. If you are instead assessed at the IC5 level, the expected salary/On-Target Earnings (OTE) range for the role is currently $216,500 - $254,700 - $292,900.

For candidates hired in the following locations: Arizona, Florida, Georgia, Illinois (outside Chicago Metro), North Carolina, Tennessee, Texas (outside Austin Metro), Virginia (outside D.C. Metro), the expected salary/On-Target Earnings (OTE) range for the role is currently $174,100 - $204,800 - $235,500 if you are assessed at the IC4 level. If you are instead assessed at the IC5 level, the expected salary/On-Target Earnings (OTE) range for the role is currently $192,400 - $226,400 - $260,400.

Range(s) is subject to change. Dropbox takes a number of factors into account when determining individual starting pay, including job and level they are hired into, location/metropolitan area, skillset, and peer compensation. Dropbox uses the zip code of an employee’s remote work location to determine which metropolitan pay range we use.

Salary/OTE is just one component of Dropbox’s total rewards package. All regular employees are also eligible for the corporate bonus program or a sales incentive (target included in OTE) as well as stock in the form of Restricted Stock Units (RSUs).