Staff Application Security Engineer

Our Mission

SPAN is enabling electrification for all ?

SPAN is mission-driven to design, build, and deploy products that electrify our built environment, decarbonize our world, and slow the effects of climate change.

• Decarbonization is the process to reduce or remove greenhouse gas emissions, especially carbon dioxide, from entering our atmosphere.
• Electrification is the process of replacing fossil fuel appliances that run on gas or oil with all-electric upgrades for a cleaner way to power our lives.
  
  

At SPAN, We Believe In

• Enabling homes and vehicles powered by clean energy
• Making electrification upgrades possible
• Building more resilient homes with reliable backup
• Designing a flexible and distributed electrical grid
  
  

The Role

We are seeking a highly skilled and experienced individual to join our Security & Privacy team at SPAN as a Staff/Senior Application Security Engineer. In this critical role, you will be instrumental in building and enhancing SPAN’s application security program. Your responsibilities will ensure the security of our applications through proactive assessment, threat modeling, code reviews and close collaboration with the development teams. Ideal candidates will have extensive experience in application security, deep understanding of secure coding practices and ability to influence and educate others on security matters.

Responsibilities Include

• Developing comprehensive application security strategy aligned with company objectives.
• Perform secure design and code reviews to identify, mitigate, and prevent security vulnerabilities, enabling SPAN teams to deliver secure, high quality products.
• Lead and execute SAST/DAST/SCA efforts.
• Collaborate closely with development teams to integrate security best practices into the software development lifecycle (SDLC).
• Perform threat modeling on existing and upcoming feature sets in SPAN applications to ensure appropriate security controls are built from the ground up.
• Develop and enforce a robust authentication and authorization posture.
• Design, implement, and maintain application security controls and solutions, leveraging hands-on coding experience.
• Ensure compliance with regulatory requirements and industry standards including risk assessments and risk mitigation strategies for application security.
• Stay current with the latest application security threats, vulnerabilities, and best practices. Continuously evaluate and improve application security processes and technologies.
  
  

About You

• Bachelor’s Degree in Computer Science, Information Assurance, Cyber Security, or related field of study
• 5+ years of experience in a security engineering or operations role, with a focus on application security.
• Deep understanding of web and mobile application vulnerabilities and defenses
• Hands-on experience with one or more application security scanning tools.
• Expertise in web, mobile, and API security.
• Can effectively communicate with technical and non-technical audiences
• Proficient in writing production-quality code in one or more languages Python, Kotlin or NodeJS.
• Experience in developing threat models (e.g., STRIDE, DREAD).
  
  

Nice-to-Have

• Hands-on experience with AWS Security best practices
• Experience with vulnerability management.
• Certifications such as CISSP, CSSLP, or relevant industry certifications
  
  

Life at SPAN

Headquartered in San Francisco’s vibrant SoMa neighborhood, we are an eclectic group of creative thinkers who value open communication, teamwork, and a ‘make it happen’ approach to addressing complex challenges.

SPAN embraces diversity and equal opportunity in a serious way. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills.

We’re hiring talented individuals who are driven by success and are passionate about shaping the future of renewable energy. If that sounds like you, we’d love for you to consider joining the rapidly growing team at SPAN.

The Perks

? Competitive compensation + equity grants at a well-funded, venture-backed company

? Comprehensive benefits: 100% employee premiums for base plans on medical, dental, vision with options for additional coverage. Parental leave up to six (6) months depending on eligibility

? Comfortable, sunny office space located near BART and Caltrain public transit

? Strong focus on team building and company culture: Employee Resource Groups, monthly social events, SPANcakes recognition breakfast, lunch and learns

? Flexible hours, one holiday per month and unlimited PTO

Interested in joining our team? Submit an application today and we’ll be in touch with next steps!