Broxer
Bergabung
This page was automatically translated and may contain errors. View in English.
Yelp

Senior Application Security Engineer

Yelp

Remote • Penuh Waktu

Jadilah yang pertama mendaftar

Pengalaman
3+ yrs
Gaji
Lowongan
1
Diposting
2 jam yang lalu

Deskripsi pekerjaan

Role overview

Yelp’s engineering environment is built around teamwork, individuality, and practical problem-solving. Engineers are encouraged to ship real code quickly, grow with guidance from mentors and managers, and contribute in a setting that is collaborative and enjoyable.

The Application Security team is responsible for protecting Yelp’s users, products, services, and internal engineering workflows. The scope includes internal security tooling such as SAST, as well as support for the company’s public bug bounty program. In this role, you will work with mobile, frontend, and backend engineers to create secure-by-default patterns and reusable frameworks that can support Yelp’s expanding product ecosystem.

This position is for someone who can help strengthen application and service security against new threats while influencing how security is built into the development process from the start. You’ll have the chance to make a real impact on products used by millions of people, while working in an inclusive environment that values authenticity and creativity.

This opportunity is open only to candidates located in the Republic of Ireland. The company encourages applications even from candidates who do not meet every listed qualification.

Key responsibilities

  • Partner with engineering teams across mobile, frontend, and backend to run threat models, review designs, and build secure shared libraries that improve application and service security.
  • Create and operate services that strengthen login and account protection for Yelp’s web and mobile products.
  • Help with security operations, including incident response, evaluating bug bounty submissions, and handling vulnerability findings from internal security tooling.
  • Develop automation that helps identify, reduce, and block possible security risks in Yelp’s applications and services.
  • Promote secure coding practices and security policies so they become part of the software development lifecycle.
  • Contribute as a collaborative team member who aligns with Yelp’s values and supports an inclusive working culture.

What the role asks for

  • A software generalist background with a genuine interest in application security.
  • Several years of experience in software engineering focused on application security.
  • Solid knowledge of web security, mobile security, APIs, and cloud security.
  • Working familiarity with common weaknesses and attack patterns, including the OWASP Top 10.
  • Strong command of at least one modern programming language such as Python, Java, JavaScript/React, Swift, or Objective-C.
  • Experience in security research or penetration testing is considered an advantage.
  • Ability to read and navigate unfamiliar codebases with confidence.

What you’ll receive

  • Ownership of projects from the start, along with a supportive team and a dynamic work setting.
  • Competitive compensation, a pension plan, and an optional employee stock purchase program.
  • 25 days of paid leave, increasing to 29 days with service, plus one floating holiday.
  • €150 per month toward remote working expenses.
  • €86 per month to help cover caregiver or dependent care costs for families.
  • Private medical coverage, including dental and vision benefits.
  • Flexible working hours and no-meeting Wednesdays.
  • Regular 3-day hackathons, bi-weekly learning groups, and productivity spending to encourage professional development.
  • Opportunities to join digital events and conferences.
  • €86 per month for eligible wellness expenses.
  • Quarterly team offsites.

Equal opportunity and recruiting notice

Yelp is committed to hiring fairly and welcomes applicants regardless of race, color, religion, sex, national origin, ancestry, age, genetic information, sexual orientation, gender identity, marital or family status, veteran status, medical condition, disability, or other protected characteristics.

Agency resumes are not accepted. Do not send resumes to recruiting aliases or employees, and unsolicited resumes will not generate agency fees.

Recruiting and applicant privacy

Recruiting and Applicant Privacy Notice

Keterampilan

Python Jawa JavaScript Keamanan cloud Code Review Application Security Secure Coding Web Security Penetration Testing API Security Threat modeling Mobile Security

Biarkan saja jika Anda ingin mendapat balasan — kami tidak akan menggunakannya untuk hal lain.

Klik untuk melihat-lihat, seret & lepas, atau pasta tangkapan layar

PNG, JPG, GIF, MP4, WebM, MOV · Maksimal 20MB per file · Hingga 5 file