all positions

Senior Application Security Engineer

Soho, New York | Engineering | Full-time

We’re looking for a senior-level engineer to lead software security initiatives across multiple product engineering teams. You’ll guide, oversee, and collaborate closely with team leads on key projects, while taking full ownership over the code security of our products.

Our ideal candidate is highly versatile and eager to influence decisions of all sorts, from small features to large-scale implementations. You think about coding as craftsmanship. You  are constantly on guard against bad actors, and you possess a healthy degree of paranoia.

At Lemonade, we’re obsessed with productivity and we’re passionate about automation, AI, and bots. The Security team loves finding creative and ingenious ways to protect our customers and the company. If this sounds good, we’d love to hear from you.

Requirements

  • 5+ years of relevant experience in Security Engineering
  • Strong application security background with a focus on scalable approaches to product security
  • Experience with threat modeling, security design reviews, and security architecture
  • Proficient in a range of programming languages, preferably TypeScript, JS, Python, and Ruby
  • Solid understanding of common attack vectors, vulnerabilities, and mitigations
  • Ample experience in high-level code auditing of backend systems
  • Significant experience fixing security vulnerabilities in live web applications
  • Adept at analyzing risks of identified vulnerabilities
  • Proven track record of managing many post-mortem analyses
  • Strong familiarity with cloud environments, preferably AWS
  • Familiarity with a wide range of database types and architectures is a plus
Requirements
  • 5 years of relevant experience in AppSec research
  • Proficient in a range of programming languages, preferably TypeScript, JS, Python, and Ruby
  • Solid understanding of common attack vectors, vulnerabilities, and mitigations
  • Ample experience in high-level code auditing of backend systems
  • Significant experience fixing security vulnerabilities in live web applications
  • Adept at analyzing risks of identified vulnerabilities
  • Proven track record of managing many post-mortem analyses
  • Strong familiarity with cloud environments, preferably AWS
  • Familiarity with a wide range of database types and architectures is a plus
About Lemonade

Lemonade is a licensed insurance carrier offering renters, homeowners, car, pet, and life insurance insurance in the United States, contents and liability insurance in Germany and the Netherlands, and renters insurance in France. We’re powered by artificial intelligence and behavioral economics, and driven by social good.

A Certified B-Corp, Lemonade donates unused premiums to nonprofits selected by its community as part of our annual Giveback program. We incorporate our values into everything we do—from our business model to our office culture.