Staff Application Security Engineer, Webflow

$154.2-247.7k

Salary applicable for US based candidates. For candidates based in Canada: $199,280 - $281,060 + Bonus program + Equity in the form of RSUs

Senior and Expert level
Remote from Canada, US

More information about location

Webflow

No-code web design and hosting platform

Open for applications

Webflow

No-code web design and hosting platform

1001+ employees

B2BSaaSNo-CodeWeb Design

Open for applications

$154.2-247.7k

Salary applicable for US based candidates. For candidates based in Canada: $199,280 - $281,060 + Bonus program + Equity in the form of RSUs

Senior and Expert level
Remote from Canada, US

More information about location

1001+ employees

B2BSaaSNo-CodeWeb Design

Company mission

To give creative designers the tools they need to create powerful and beautiful websites, all without having to code.

Role

Who you are

  • Have 7+ years of experience in application security, including 2+ years of software development focused on security
  • Are passionate about security, eager to learn, and enjoy sharing knowledge by explaining complex security concepts to colleagues
  • Have expertise in secure software design, secure coding, and web application security, with a strong commitment to risk reduction and sustainable security practices
  • Have experience with Threat Modeling, penetration testing, and identifying high-complexity application vulnerabilities
  • Have worked on software supply chain security and led bug bounty programs and security tooling initiatives
  • Have successfully implemented and improved secure development lifecycle (SDLC) processes, including planning, communication, and automation
  • Have led and delivered multi-quarter, complex security projects, application security roadmaps, and medium to large security programs in collaboration with engineering teams
  • Have experience mentoring other application security engineers and fostering security best practices across organizations

What the job involves

  • We’re looking for a Staff Application Security Engineer to help us level up Webflow’s secure development practices ranging from secure coding, tooling, and improving procedures
  • Reporting to the Manager, Application Security
  • Collaborate with the Webflow engineering team to secure Webflow’s web application platform and ecosystem
  • Bring security best practices to the software development lifecycle
  • Work as part of a team to champion security standards while balancing business strategies and requirements
  • Support Webflow’s security current and future compliance frameworks
  • Work to find security vulnerabilities through grey-box techniques, and propose solutions at the architecture and code level to mitigate findings
  • Contribute code and architecture improvements to enable security within Webflow’s application for engineers
  • Cross-train entry and mid-level application security engineers
  • In addition to the responsibilities outlined above, at Webflow we will support you in identifying where your interests and development opportunities lie and we'll help you incorporate them into your role

Share this job

View 30 more jobs at Webflow

Insights

Top investors

34% employee growth in 12 months

Company

Company benefits

  • 100% insurance coverage
  • 401K and financial planning
  • Paid time off
  • Annual retreat and offsites
  • 10% time - Take up to 4 hours per week to focus on building skills, working on projects, or learning new Webflow-related things outside of your daily to-do’s.
  • Commuter benefits
  • Vacation bonus
  • Office setup budget
  • Health and wellness stipend
  • Remote work reimbursements
  • Continued education coverage
  • Choose your own adventure
  • Webflow subscription discount

Funding (last 2 of 4 rounds)

Mar 2022

$120m

SERIES C

Jan 2021

$140m

SERIES B

Total funding: $334.9m

Our take

No-code development systems allow users to create and publish the kind of output that was once only possible with the help of a team of developers. Webflow is one such platform that allows non-developers to create professional websites without knowing any code. It joins others such as Pantheon, Weebly, Squarespace, and Wix in a hotly-contested low-code development market. While competition is high, so too is demand, with low-code platforms accounting for more than 65% of application development activity in 2024.

The popularity of platforms such as Webflow is perhaps not surprising, as low-code development is usually cheaper for companies to implement and reduces time to market. Webflow has been used by over 3.5 million designers and teams to create sites for companies including enterprise brands such as Dell, Rakuten, UpWork, and Petal. It raised a large amount of funding in a Series C round in 2022. This is being used to further develop its platform, with a longer-term goal of pivoting to providing a no-code tool not only for websites, but software development as well.

Steph headshot

Steph

Company Specialist at Welcome to the Jungle