Security Engineer • Staff

Who you are

You have a strong background in application security, with at least 5 years of experience in the field — you've worked closely with engineering teams to design secure software and have a deep understanding of secure coding practices. Your expertise includes managing security tooling and conducting assessments of application and API security, ensuring that security is integrated into every aspect of the development process.

You are passionate about promoting a culture of security within an organization — you understand the importance of collaboration and communication in fostering a security-first mindset among your peers. You thrive in environments where you can take ownership of security initiatives and drive improvements across teams.

You are familiar with the Secure Software Development Lifecycle (SSDLC) and have experience implementing security best practices throughout the software development process — you know how to identify vulnerabilities and work with developers to remediate them effectively. Your analytical skills allow you to assess risks and prioritize security efforts based on business needs.

You are a proactive problem solver who enjoys tackling complex security challenges — you stay up-to-date with the latest security trends and threats, and you are always looking for ways to enhance security measures within your organization. Your ability to communicate technical concepts to non-technical stakeholders is a key strength that helps bridge the gap between security and development teams.

Desirable

Experience with cloud security and familiarity with AWS or Azure environments would be a plus — you understand the unique security challenges that come with cloud-based applications and can implement appropriate controls. Certifications such as CISSP or CISM are also desirable, as they demonstrate your commitment to the field of information security.

What you'll do

As a Staff Application Security Engineer at HoneyBook, you will be responsible for shaping and owning the Secure Software Development Lifecycle (SSDLC) — this includes defining security requirements for new projects and ensuring that security is integrated into the development process from the outset. You will work closely with engineering teams to design secure software and provide guidance on secure coding practices.

You will manage security tooling and lead the assessment of application and API security across HoneyBook’s products — this involves conducting regular security assessments, vulnerability scans, and penetration testing to identify and remediate security weaknesses. You will also be responsible for developing and maintaining security policies and procedures that align with industry best practices.

In this role, you will promote a culture of security across the organization — you will conduct training sessions and workshops to educate team members about security best practices and the importance of security in the software development lifecycle. Your efforts will help ensure that security is a shared responsibility among all team members.

You will collaborate with cross-functional teams to address security concerns and provide recommendations for improving security posture — your insights will be invaluable in shaping the security strategy for HoneyBook as the company continues to grow and evolve. You will also stay informed about emerging security threats and trends, adapting security measures as necessary to protect the organization.

What we offer

HoneyBook offers a dynamic work environment where you can make a significant impact on the security of our products — you will have the opportunity to work with a talented team of professionals who are dedicated to building secure and reliable software. We value collaboration, feedback, and ownership, and we encourage you to apply even if your experience doesn't match every requirement. Join us in helping independent professionals grow their businesses with confidence.