Construction software made for the field.
About the Role:
PlanGrid is used on thousands of construction projects (including hospitals, government buildings, universities, utility plants, etc.), and we must do everything in our power to keep our 40M+ blueprints secure for our customers. As an Application Security Engineer, you will be responsible for securing our web and mobile applications. You will work with development teams to design and build secure solutions, get involved in all stages of software development, and generally solve security challenges. The Application Security Engineer will lead application security reviews of all projects while setting standards and defining best practices for the R&D organization.
- Perform application security design reviews against new products and services
- Track and prioritize all security issues
- Build internal security tools that help fix security problems at scale
- Play a lead role in developing and designing application-level security controls and standards for our SaaS rollouts
- Perform code review and drive remediation of discovered issues
- Enable automated security testing at scale to measure vulnerability, and report on risk across all the web and mobile platforms
- Lead and manage our bug bounty program
- Build the security development training program to train developers on secure coding practices
- Experience or working knowledge of modern development, test, and deployment models
- Demonstrated expertise in application security domain
- Understanding of application security in context of SDLC and CI-CD
- Working knowledge on exploiting and fixing application vulnerabilities
- Proficient in one or more programming languages such as React, Python, Ruby, etc.
- Highly effective communication skills, in both verbal and written forms, to effectively convey technical and non-technical concepts to a wide variety of audiences
- Minimum Requirements: Bachelor’s or Master's degree with 4 years of security engineering experience in production environment
- Strong knowledge of web protocols
- Knowledge of various security tools and architecture
- Knack for finding flaws in software and ability to efficiently communicate how to fix them
- Strong communicator who is accustomed to working closely with a product team
- Ability to think about problems from an out-of-the box perspective; doesn’t always default to industry norms
- Ability to think like an attacker and use that context to develop threat models
PlanGrid solves a major problem for a 7,000 year old industry. Construction data is shackled in legacy, paper blueprints that are clunky, heavy to carry, and result in enormous rework costs totaling $9 billion per year for the industry due to working from outdated plans.
PlanGrid was built by builders, for builders. We’re spearheading the industry’s transformation to the cloud and digitization by arming construction workers with the best productivity tools. Contractors, owners, designers, and architects worldwide maximize PlanGrid to finish their projects on time and under budget. PlanGrid currently stores over 50 million blueprints, making us the largest digital blueprint repository in the world. We emerged from Y Combinator in 2012, and have secured over $62 million in funding from world-renowned organizations and individuals including Sequoia, Founders Fund, GV, 500 Startups, Box, Northgate, Spectrum 28, and Tenaya Capital.
- Located in San Francisco’s Mission District just one block from BART, among local shops, bars, and restaurants
- Flexible vacation
- Dog-friendly office
- Clipper Cards (for public transportation) funded by PlanGrid
- Construction site tours of the biggest projects in San Francisco using PlanGrid
- Volunteer time off: We encourage employees to give back to our local communities. We organize volunteer days and have worked with organizations such as Glide, SF/Marin Food Bank, Muttville, Family Dog Rescue, and Bryant Elementary School (as part of PlanGrid’s commitment with Circle the Schools).
- Catered lunches
- Premium medical, dental, and vision coverage for full-time employees and their dependents
- Office is wheelchair accessible