Staff Application Security Engineer, Webflow

$154.2-247.7k

Salary applicable for US based candidates. For candidates based in Canada: $199,280 - $281,060 + Bonus program + Equity in the form of RSUs

Senior and Expert level

Remote in Canada, US

More information about location

No-code web design and hosting platform

Be an early applicant

No-code web design and hosting platform

1001+ employees

B2BSaaSNo-CodeWeb Design

Be an early applicant

$154.2-247.7k

Salary applicable for US based candidates. For candidates based in Canada: $199,280 - $281,060 + Bonus program + Equity in the form of RSUs

Senior and Expert level

Remote in Canada, US

More information about location

1001+ employees

B2BSaaSNo-CodeWeb Design

Company mission

To give creative designers the tools they need to create powerful and beautiful websites, all without having to code.

Job

Company

Role

Who you are

Have 7+ years of experience in application security, including 2+ years of software development focused on security
Are passionate about security, eager to learn, and enjoy sharing knowledge by explaining complex security concepts to colleagues
Have expertise in secure software design, secure coding, and web application security, with a strong commitment to risk reduction and sustainable security practices
Have experience with Threat Modeling, penetration testing, and identifying high-complexity application vulnerabilities
Have worked on software supply chain security and led bug bounty programs and security tooling initiatives
Have successfully implemented and improved secure development lifecycle (SDLC) processes, including planning, communication, and automation
Have led and delivered multi-quarter, complex security projects, application security roadmaps, and medium to large security programs in collaboration with engineering teams
Have experience mentoring other application security engineers and fostering security best practices across organizations

What the job involves

We’re looking for a Staff Application Security Engineer to help us level up Webflow’s secure development practices ranging from secure coding, tooling, and improving procedures
Reporting to the Manager, Application Security
Collaborate with the Webflow engineering team to secure Webflow’s web application platform and ecosystem
Bring security best practices to the software development lifecycle
Work as part of a team to champion security standards while balancing business strategies and requirements
Support Webflow’s security current and future compliance frameworks
Work to find security vulnerabilities through grey-box techniques, and propose solutions at the architecture and code level to mitigate findings
Contribute code and architecture improvements to enable security within Webflow’s application for engineers
Cross-train entry and mid-level application security engineers
In addition to the responsibilities outlined above, at Webflow we will support you in identifying where your interests and development opportunities lie and we'll help you incorporate them into your role

Our take

No-code development systems allow users to create and publish the kind of output that was once only possible with the help of a team of developers. Webflow is one such platform that allows non-developers to create professional websites without knowing any code. It joins others such as Pantheon, Weebly, Squarespace, and Wix in a hotly-contested low-code development market. While competition is high, so too is demand, with low-code platforms accounting for more than 65% of application development activity in 2024.

The popularity of platforms such as Webflow is perhaps not surprising, as low-code development is usually cheaper for companies to implement and reduces time to market. Webflow has been used by over 3.5 million designers and teams to create sites for companies including enterprise brands such as Dell, Rakuten, UpWork, and Petal. It raised a large amount of funding in a Series C round in 2022. This is being used to further develop its platform, with a longer-term goal of pivoting to providing a no-code tool not only for websites, but software development as well.

Steph

Company Specialist at Welcome to the Jungle

Insights

Top investors

34% employee growth in 12 months

Glassdoor (4.1)

Company

Funding (last 2 of 4 rounds)

Mar 2022

$120m

SERIES C

Jan 2021

$140m

SERIES B

Total funding: $334.9m

Company benefits

100% insurance coverage
401K and financial planning
Paid time off
Annual retreat and offsites
10% time - Take up to 4 hours per week to focus on building skills, working on projects, or learning new Webflow-related things outside of your daily to-do’s.
Commuter benefits
Vacation bonus
Office setup budget
Health and wellness stipend
Remote work reimbursements
Continued education coverage
Choose your own adventure
Webflow subscription discount

Company HQ

SoMa, San Francisco, CA

Leadership

Vlad Magdalin

(Co-founder & CEO)

Having studied Computer Science at California Polytechnic, Vlad worked as a Web Associates Systems Engineer for 3 years before co-founding Chatterfox.com, where he spent 4 yeas. He left his Software Engineer position at Intuit in August 2012 to co-found Webflow the following month, and has been CEO since.

Sergie Magdalin

(Co-founder)

Sergie spent 4 years as a freelance Graphic Designer before joining NameMuir Skate as a Web & UX Designer.

Bryant Chou

(Co-founder)

Previously a Senior Software Engineer at Intuit and CTO at Vungle. He was also the founding CTO at Webflow.

Share this job

View 23 more jobs at Webflow