Related skills
saml oidc oauth 2.0 jwt sast
Description
- Own end-to-end authentication/authorization architecture, incl. sessions and RBAC.
- Drive CCPA compliance across the platform, map data flows, access controls.
- Design and maintain SAST/DAST frameworks, integrated into CI/CD.
- Lead threat modeling for new features and platform changes.
- Define security standards, policies, and runbooks for engineers.
- Respond to post-incident security reviews and drive fixes.
Requirements
- 8+ years of security engineering experience, with depth in application security.
- Strong expertise in OAuth 2.0, OIDC, SAML, JWT for auth.
- Hands-on SAST/DAST and CI/CD pipelines; familiarity with Semgrep, Snyk.
- CCPA/GDPR compliance knowledge for SaaS handling personal data.
- Experience translating regulatory requirements into engineering controls.
- Comfort as a senior IC; write RFCs, lead design reviews, mentor engineers.
Benefits
- Hybrid Work Model: Based in San Francisco with in-office/remote balance.
- Fresh Lunch provided on in-office days.
- Commuter Support: $150 monthly transit reimbursement.
- Health & Wellness: $200 quarterly wellness reimbursement.
- Time Off: Flexible PTO plus 14 holidays.
- Retirement & Ownership: 401k plus an equity package.