Job Description Conduct thorough security code reviews for all software releases, including new software developed in-house, as well as third-party and open-source contributions. Identify and assess potential vulnerabilities in code written in various languages, including GO and Ruby, and provide actionable recommendations for mitigation. Collaborate closely with development teams to integrate security best practices into the software development lifecycle. Develop and maintain documentation related to security processes, standards, and guidelines. Utilize SAST and DAST scanning within the CI pipeline and confirm findings to enhance application security. Manage and implement security architecture for API solutions. Qualifications: Qualifications Bachelor’s degree in Computer Science, Information Security, or a related field. 5 years experience as an application analyst and/or conducting security code reviews and vulnerability assessments. 2 years of experience with QA software testing processes and methodologies. Solid understanding of application security principles, with a focus on identifying and mitigating common vulnerabilities. Proficiency in GO and Ruby, with some experience in a current framework, such as Rails or React. Familiarity with APIs and their security implications. Excellent communication and collaboration skills, with the ability to work effectively in a cross-functional team environment. Ability to work independently and as part of a team. Strong analytical and problem-solving skills. Experience with specific security standards and regulations, such as PCI, NYDFS, CCPA, ISO, NIST and/or SoX. Additional Information Benefits Base salary per year (paid semi-monthly) Fast- paced and professional work culture Stock options with standard startup vesting – 1 year cliff; 4 years total
- 50 monthly communication expense stipend to go towards your phone/internet bill
- 250 stipend to enhance your WFH setup
Reimbursement for peripheral equipment: monitor (up to $400), keyboard and mouse (up to $200) Premium medical benefits including vision and dental (100% coverage for employees) Company-sponsored life and disability insurance Paid parental bonding leave Paid sick leave, jury duty, bereavement 401k plan Flexible Time Off (our team members typically take off ~3-4 weeks per year) Volunteer Time Off 13 scheduled holidays 4-6x / year in-person team meet-ups Salary Range: $160,000 – 175,000 PayNearMe strives to create a workplace where all employees thrive. Our core values represent who we are today and we take pride in the way we work with each other as well as with our stakeholders. We’re in this together to do the right thing . We deliver real results we are proud of while remaining respectful , transparent , and flexible . PayNearMe is an equal opportunity employer. We are diligently and thoughtfully working towards cultivating a diverse workforce which in turn, enhances our products and services for the communities we serve. Applicants who represent all backgrounds are strongly encouraged to apply. — Candidate information will be treated in accordance with our job applicant privacy notice found at: Assistance for Disabled Applicants Alternative formats of this Notice are available to individuals with a disability. Please let us know if you need assistance. All your information will be kept confidential according to EEO guidelines. Qualifications
- Bachelor’s degree in Computer Science, Information Security, or a related field.
- 5 years experience as an application analyst and/or conducting security code reviews and vulnerability assessments.
- 2 years of experience with QA software testing processes and methodologies.
- Solid understanding of application security principles, with a focus on identifying and mitigating common vulnerabilities.
- Proficiency in GO and Ruby, with some experience in a current framework, such as Rails or React.
- Familiarity with APIs and their security implications.
- Excellent communication and collaboration skills, with the ability to work effectively in a cross-functional team environment.
- Ability to work independently and as part of a team.
- Strong analytical and problem-solving skills.
- Experience with specific security standards and regulations, such as PCI, NYDFS, CCPA, ISO, NIST and/or SoX.
Additional Information
- *Benefits**
- Base salary per year (paid semi-monthly)
- Fast- paced and professional work culture
- Stock options with standard startup vesting – 1 year cliff; 4 years total
- $50 monthly communication expense stipend to go towards your phone/internet bill
- $250 stipend to enhance your WFH setup
- Reimbursement for peripheral equipment: monitor (up to $400), keyboard and mouse (up to $200)
- Premium medical benefits including vision and dental (100% coverage for employees)
- Company-sponsored life and disability insurance
- Paid parental bonding leave
- Paid sick leave, jury duty, bereavement
- 401k plan
- Flexible Time Off (our team members typically take off ~3-4 weeks per year)
- Volunteer Time Off
- 13 scheduled holidays
- 4-6x / year in-person team meet-ups
- *Salary Range:** $160,000 – 175,000
PayNearMe strives to create a workplace where all employees thrive. Our [core values]( represent who we are today and we take pride in the way we work with each other as well as with our stakeholders. We’re in this **together** to **do the right thing**. We deliver **real results** we are proud of while remaining **respectful** , **transparent** , and **flexible**. _PayNearMe is an equal opportunity employer. We are diligently and thoughtfully working towards cultivating a diverse workforce which in turn, enhances our products and services for the communities we serve. Applicants who represent all backgrounds are strongly encouraged to apply._ — Candidate information will be treated in accordance with our job applicant privacy notice found at: **Assistance for Disabled Applicants** Alternative formats of this Notice are available to individuals with a disability. Please let us know if you need assistance. All your information will be kept confidential according to EEO guidelines. #J-18808-Ljbffr
application-security Ruby on Rails remote work Go API Dynamic application security testing (DAST) React sast Ruby