Principal Application Security Engineer at Vimeo

Vimeo logo
Vimeo

Principal Application Security Engineer

Remote

Full Time

#Engineering

#Application Security

#Cyber Security

#Python

#Go

#PHP

#JavaScript

#Ruby

#Pen Testing

#AWS

#GCP

#SDLC

#Shell Scripting

Vimeo is looking for a Principal Application Security Engineer

Sign up to unlock quick summaries and profile fit assessments

Vimeo is the world's most innovative video experience platform, empowering millions of users to create high-quality video content that brings ideas to life. From independent storytellers to large-scale global enterprises, our community relies on us to host and share their work, which generates billions of views every month. As a Principal Application Security Engineer, you will play a vital role in protecting the content and data that our users entrust to us daily. You will join a collaborative environment where we prioritize security, innovation, and a supportive team culture.

Key outcomes

  • Design and implement security architecture, including technical plans for cookie management, middleware development, and secure token handling.
  • Conduct internal penetration testing on production and staging environments and coordinate engagements with external security firms.
  • Develop internal automated security tools using languages such as Python, Go, or Bash to support our paved road initiatives.
  • Perform threat modeling to identify potential vulnerabilities and provide actionable defense strategies to product and engineering teams.
  • Execute code reviews to identify weaknesses early in the development process.
  • Manage our bug bounty program by triaging reports and engaging with the research community.
  • Configure and maintain Web Application Firewalls and rate-limiting rules to ensure system stability.
  • Drive remediation efforts to reduce the mean time to resolve discovered security issues.
  • Integrate automated security tooling, such as static and dynamic analysis, into our software development lifecycle.
  • Lead incident response efforts, including detection, containment, and root cause analysis.
  • Foster a strong security culture through developer education and cross-functional collaboration with infrastructure, compliance, and privacy teams.

Requirements

  • At least 7 years of total experience in engineering, application security, or a closely related technical field.
  • A minimum of 5 years of hands-on experience in software development, DevOps, or site reliability engineering.
  • Strong proficiency in at least one of the following languages, with the ability to read and understand code in all of them: Python, Go, PHP, JavaScript, and Ruby.
  • Expertise in application penetration testing using tools like Burp Suite or OWASP ZAP.
  • Deep knowledge of modern web, mobile, and network security principles.
  • Confidence working within cloud environments, specifically AWS or GCP.
  • Proficiency in shell scripting and familiarity with standard SDLC tools such as Git, Jira, and Jenkins.
  • Excellent communication skills with the ability to explain complex security concepts to developers.
  • An upper-intermediate level of English proficiency.
  • Availability to work a full-time, remote schedule that includes a daily three-hour overlap with US Eastern Time.

Preferred qualifications

  • Prior professional experience specifically within application security.
  • A portfolio or GitHub repository featuring security tools or scripts you have developed.
  • Full-stack web development experience, particularly in building RESTful applications.
  • A history of open-source vulnerability research or technical blogging.
  • Familiarity with system security hardening guidelines and comprehensive SDLC principles.

Compensation

This is a full-time, remote position. We offer the flexibility of remote work as a core benefit of this role.

How to apply

If you are a puzzle solver who thrives in a collaborative team environment, we invite you to apply. Please submit your application through our careers portal to be considered for this position.

Vimeo logo

Vimeo

5 views

0 applied

Social Media

Visit Vimeo
Share this job
Copy Permalink
Open roles at Vimeo
Vimeo logo
Vimeo

Engineering Manager

il flag
Israel

On-site

Full Time

#Engineering

#GCP

#PHP

#React

#MySQL

#Redis

Vimeo logo
Vimeo

Associate Product Manager, Video Analytics

91k - 136k USD

Remote

Full Time

#Product

#Video

#Analytics

#Product Management

#Data Analytics

#User Engagement

#Communication

#Agile

Vimeo logo
Vimeo

DevOps Engineer

il flag
Israel

On-site

Full Time

#Engineering

#AWS

#GCP

#Kubernetes

#Terraform

Vimeo logo
Vimeo

Application Security Engineer III

Remote

Full Time

#Engineering

#Penetration Testing

#Python

#BASH

#Go

#Threat Modeling

#Code Reviews

#Firewall

#Software

#Incident Response

#Compliance

Discover similar jobs
Thirdfort logo
Thirdfort

Senior Software Engineer

gb flag
United Kingdom

70k - 85k USD

Remote

Full Time

#Engineering

#Fintech

#Go

#TypeScript

#React

#React Native

#PostgreSQL

#GCP

#Temporal

#AI

N
Nomic Foundation

Senior Technical Product Manager

Remote

Full Time

#Engineering

#Blockchain

#Product Management

#Technical Documentation

#API Design

#CLI

#Developer Tools

#Roadmap Planning

#Stakeholder Management

#Ethereum

LuminDigital logo
LuminDigital

Cyber Security Engineer

Remote

Full Time

#Security

#Banking

#AWS

#Kubernetes

#Terraform

#Python

#PKI

#OpenSearch

#Threat Modeling

P
PriedsTechnology

Frontend Developer

Remote

Full Time

#Technology

#Angular

#JavaScript

#Agile

#Scrum

C
Cyberhaven

Senior Technical Support Engineer

in flag
India

Remote

Full Time

#Support

#Cyber Security

#Technical Support

#Troubleshooting

#Salesforce

#Jira

#GitHub

#Endpoint Security

#Problem Solving

Gauntlet logo
Gauntlet

Infrastructure Engineer

150k - 175k USD

Remote

Full Time

#Engineering

#Infrastructure

#Blockchain

#GCP

#Kubernetes

#Terraform

#GitHub Actions

#Python

#Helm

#Dagster

#IAM

#Observability

A
Astronomer

Staff Software Engineer, Platform Infrastructure

215k - 250k USD

Remote

Full Time

#Engineering

#Infrastructure

#Go

#Kubernetes

#Distributed Systems

#AWS

#GCP

#Azure

#Cloud

E
EBreuningerGmbHCo

Senior Fullstack Software Engineer - Loyalty

Remote

Full Time

#IT

#Spring Boot

#Kotlin

#JavaScript

#TypeScript

#Axon

#Bootstrap

#AWS

#Postgres

#Terraform

M
Miter

Senior Software Engineer

Remote

Full Time

#Engineering

#Software

#React

#React Native

#Node

#Express

#MongoDB

#TypeScript

#Stripe

#API Development

T
Testlio

Principal Software Architect

Remote

Full Time

#Software

#Testing

#SaaS

#AWS

#Distributed Systems

#Event Driven Design

#Database

#CI CD

#AI

#LLM

#Frontend Frameworks

A
Arbor

Data Engineer

Remote

Full Time

#Engineering

#Analytics

#DBT

#SQL

#Snowflake

#Python

#GCP

#Fivetran

V
Vic.ai

QA Engineer

es flag
Spain

Remote

Full Time

#Engineering

#Quality Assurance

#Test Automation

#API Testing

#Testing

#Python

#JavaScript

#TypeScript

#Playwright

#Cypress

#Selenium

J
Jimdo.com

Data Engineer

Remote

Full Time

#Engineering

#Data

#SQL

#DBT

#Python

#Snowflake

#Airflow

#AWS

#Git

TheEverywhereOffice logo
TheEverywhereOffice

Full Stack Developer

Remote

Full Time

#Engineering

#PropTech

#Python

#Flask

#Django

#Laravel

#Vue

#React

R
Rad AI

Data Engineer

Remote

Full Time

#Engineering

#Healthcare

#Analytics

#Metaflow

#Spark

#AWS

#EMR

#Docker

#Kubernetes

#SQL

#NoSQL

#DynamoDB

#Elasticsearch

Jellyvision logo
Jellyvision

Senior Data Platform Engineer II

175k - 195k USD

Remote

Full Time

#Technology

#Data Engineering

#Apache Airflow

#Python

#SQL

#Snowflake

#Databricks

#Terraform

#AWS

#Apache Spark

#DBT

#Kafka

H
Helpscout

Sr. Product Analyst

Remote

Full Time

#Business Operations

#SaaS

#Analytics

#SQL

#Mixpanel

#Testing

#BigQuery

#DBT

#Python

#Product Analytics

A
Advocate

Product Engineer, Tech Ops

Remote

Full Time

#Technology

#Artificial Intelligence

#TypeScript

#React

#Next.js

#Node.Js

#GraphQL

#PostgreSQL

#AWS

#Terraform

#Docker

#Python

The Browser Company logo
The Browser Company

Software Engineer, Compiler

us flag
US, CA

295k - 350k USD

Remote

Full Time

#Engineering

#Compiler

#Open Source

#Swift

#LLVM

#C++

#Windows

#Android

#Build Systems

#Tooling

#Design

Homebound logo
Homebound

Technical Lead Manager

Remote

Full Time

#Engineering

#Construction

#TypeScript

#Node

#React

#GraphQL

#PostgreSQL

#AWS

#AI

Your dream job awaits.

Explore exciting opportunities, connect with top employers, and ignite your career.