echojobs.io
Login

Kandji

Staff Security Engineer, AppSec

Miami, FL San Francisco, CA
Python JavaScript Go AWS GCP Azure
Search for More Jobs Talk to a recruiter now 💪
Description
About Kandji

Kandji is the Apple Device Management and Security Platform. Kandji empowers companies to manage and secure Apple devices in the enterprise and at scale. By centrally securing and managing Mac, iPhone, iPad, and Apple TV devices, IT and InfoSec teams can save countless hours of manual, repetitive work with features like one-click compliance templates and more than 150 pre-built automations, apps, and workflows. 

Device Harmony is our vision for tearing down the wall between IT and InfoSec to keep every Apple user secure and productive, using connected intelligence and automation. By choosing a career with Kandji, you will play an integral role in contributing to making our vision a reality. Backed by world-class investors such as Tiger Global, Greycroft, B Capital Group, Okta Ventures, the Spruce House Partnership, and First Round Capital, Kandji has raised over $100+M in capital to date.

Trusted by industry leaders, Kandji’s rapidly growing customer base includes companies like Ramp, Notion, Netskope, Noom, Turo, Groupon, VoxMedia, and more. 

Recognized for its award-winning products, Kandji was recently named the #1 fastest-growing app in Okta’s 2023 Businesses at Work Report and a G2 Best Software 2023 Award Winner for Fastest Growing Products! 


The Opportunity

The Staff Security Engineer, AppSec will play a critical role in safeguarding Kandji’s products and infrastructure by designing security programs, conducting thorough threat modeling, managing vulnerabilities, and embedding secure development practices. This role will work closely with product managers, engineering teams, and cross-functional stakeholders to ensure security is a foundational component of all our initiatives.

How you will make a difference

  • Threat Modeling: Lead the development of comprehensive threat models for new and existing products to identify, assess, and mitigate security risks.
  • Vulnerability Management: Establish and manage a vulnerability management lifecycle for our applications, ensuring timely detection, reporting, and remediation of security vulnerabilities.
  • Security Programs: Design and implement application security programs focused on building security into the software development lifecycle (SDLC) and establishing secure coding practices.
  • Collaboration with Engineering: Partner with product and engineering teams to integrate security requirements into architectural designs and development processes.
  • Security Audits & Assessments: Conduct regular security assessments of applications and infrastructure, focusing on identifying areas of weakness and recommending actionable improvements.
  • Security Incident Response: Support the incident response team in application-related security incidents by providing expertise on containment, eradication, and post-incident analysis.
  • Security Awareness: Mentor and coach engineering teams on security best practices and create security awareness initiatives tailored to the development environment.
  • Automation & Tooling: Drive the adoption of security automation, including code scanning, security testing, and CI/CD pipeline integration to streamline security processes.

We’d love to hear from you if you have

  • Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field, or equivalent experience.
  • 8+ years of experience in application security, preferably within a SaaS environment.
  • Strong proficiency in threat modeling, secure coding practices, vulnerability management, and incident response.
  • Hands-on experience with security tools such as static/dynamic analysis tools (SAST, DAST), penetration testing tools, and CI/CD pipeline integration.
  • Familiarity with modern programming languages (e.g., Python, JavaScript, Go) and cloud platforms (e.g., AWS, GCP, Azure).
  • Industry certifications such as CISSP, OSCP, or CEH are a plus.
  • Required to work on-site 3 days a week (Tuesday, Wednesday, Thursday) in San Francisco or 4 days a week (Monday through Thursday) in Miami. Managers may require additional on-site days.

Competencies

  • Technical Leadership: Demonstrated ability to lead and guide teams in the development and execution of security initiatives.
  • Threat Analysis: Strong understanding of threat modeling techniques, application security risks (OWASP Top Ten), and secure coding practices.
  • Risk Management: Expertise in managing security vulnerabilities and threats through identification, prioritization, and mitigation strategies.
  • Communication: Excellent communication skills to effectively collaborate with cross-functional teams, present complex security concepts, and advocate for secure design practices.
  • Innovation & Problem Solving: Creative thinker with the ability to develop novel security solutions in response to emerging threats and vulnerabilities.
  • Continuous Improvement: Strong commitment to staying up-to-date with evolving security standards and best practices, and a passion for continuous learning and improvement.
These requirements are for the strongest, ideal candidate.  Even if you do not outperform every bullet point, Kandji encourages you to apply.  We promote a diverse, equitable, and inclusive culture and recognize that even the strongest candidates won’t have all desired experiences and qualifications.

Benefits & Perks

 • Competitive salary
 • 100% individual and dependent medical + dental + vision coverage
 • 401(k) with a 4% company match
 • 20 days PTO
 • 14 paid holidays per year
 • 10 health and wellness days per year
 • Kandji Wellness Week Off July 1 - July 5, 2024
 • Equity for full-time employees
 • 12 weeks of paid leave for new parents
 • Paid Family and Medical Leave
 • Modern Health - Mental Health Benefits - Individual and Dependents
 • Monthly Utilities stipend
 • Gym Membership
 • Lunch 3 Days/Week
 • Exciting opportunities for career growth
 • An outstanding, inclusive culture

We are excited to be serving a significant need for a fast-growing market, and are proud of the high-performing team we have brought together so far. If you’re someone who wants to engage in new, exciting projects that will challenge your skills in the best way possible, we would love to connect with you.

At Kandji we believe in fostering an inclusive environment in which employees feel encouraged to share their unique perspectives, leverage their strengths, and act authentically. We know that diverse teams are strong teams, and welcome those from all backgrounds and varying experiences.

Kandji is proud to be an equal opportunity employer committed to diversity and inclusion in the workplace. Qualified applicants will be considered for employment without regard to race, color, religion, national origin, age, sex, sexual orientation, gender identity, physical or mental disability, protected veteran or military status or any other status protected by applicable law.
Kandji
Kandji
Information Technology iOS Mobile Software

0 applies

7 views

Other Jobs from Kandji

Senior Data Engineer II

San Francisco, CA

Senior QA Engineer

San Francisco, CA

Similar Jobs

There are more than 50,000 engineering jobs:

Subscribe to membership and unlock all jobs

Engineering Jobs

60,000+ jobs from 4,500+ well-funded companies

Updated Daily

New jobs are added every day as companies post them

Refined Search

Use filters like skill, location, etc to narrow results

Become a member

🥳🥳🥳 389 happy customers and counting...

Overall, over 80% of customers chose to renew their subscriptions after the initial sign-up.

To try it out

For active job seekers

For those who are passive looking

Cancel anytime

Frequently Asked Questions

  • We prioritize job seekers as our customers, unlike bigger job sites, by charging a small fee to provide them with curated access to the best companies and up-to-date jobs. This focus allows us to deliver a more personalized and effective job search experience.
  • Salaries for the engineering jobs on our site range from $100K-$200K. On average, senior engineer positions on our EchoJobs are about $160K.
  • The EchoJobs positions have been sourced and vetted from the top companies to work for in the US as a software engineer, including LinkedIn and other reputable job sites. We also have syndicated jobs from companies that have just raised funding, as well as those that have great unique products and culture. From all of these sources, our founder, Morgan, has also resourced the company's authenticity in terms of their website, public appearance, and more.
  • Yes, our users asked us for just this, so now our search filters allow you to search for your top jobs via location, as well as by onsite, remote, or both. Approximately 30% of our jobs are remote, so you’ve got the best options for you!
  • We have not yet implemented this option, but are considering doing so in the future. For the moment, you would need to cancel your subscription, and resubscribe when you wanted to come back.
  • We add new jobs to EchoJobs every day! We scan our sources for the newest jobs, verify them, and post them to EchoJobs within minutes. We add about 2,000-3,000 new jobs for you each day!
  • From starting your job search to getting hired, the entire job search process can take us software engineers anywhere between 3-6 months. However, at EchoJobs, we’re striving to shorten this duration by finding the best, newest jobs for you, so you can do less job searching, and more applying.
  • We’d recommend checking EchoJobs daily, as we add new jobs to the site each day. Additionally, if you got a chance to read our previous email on “what makes EchoJobs different from any other job search tools,” we also recommended that you set a job alert based on your job filters, so if you get emails on those new jobs, you could be checking more than once per day.
  • If you decide to continue with us after the 1-month trial, we definitely recommend this, as we all know it usually takes 3-6 months to find a quality job as a software engineer these days. So to best support you, we just adjusted our membership options at EchoJobs to monthly, 3 months, or 12 months (this option is more for passive job seekers looking a little bit for the future if they want to come back to work or make a job switch potentially. This lets you see what’s out there in case an even better fit job becomes available.)
  • EchoJobs is truly the only job site of its kind. We want to be THE spot for you to find the best job for you, and haven’t encountered any other company doing this. Other job sites are in niches besides software engineering or focus on a small portion of engineering jobs (like a specific coding language). In the words of Morgan, our founder, “I think what makes EchoJobs different is the amount of jobs, frequency that we add new jobs (we add 2,000-3,000 new jobs daily!), and the powerful search engines to find exactly the job you want more easily and efficiently. We can provide you with the most jobs that are vetted by us, we’ll continually find more new jobs for you, and we make it easier for you to apply and get hired.

What Fellow Engineers Say