Application Security Engineer

MailChimp is the world's leading email marketing service. More than 10 million people and businesses use MailChimp to design and send 1 billion emails a day. We empower small businesses with a suite of powerful and easy-to-use email, marketing automation, and analytics tools that integrate with hundreds of popular applications and services.

MailChimp is looking for an extra-paranoid, detail-oriented Application Security Engineer to join our Operations team. Here's the opportunity to use your heroic hacking skills to protect our 8 million+ users and their subscribers from evil-doers. Save the MailChimp universe through vigilant monitoring, relentless pen testing and superb coding solutions! Of course, you should be well-versed on security risks/vulnerabilities, how to test for these risks, and what can be done to remediate any that are found.

* Work with development team to review code for possible security risks * Promote paranoia and scare your fellow co-workers to ensure system security and to improve server and network efficiency * Build internal tools that detect and respond to security issues * Spend hours trying to break our app (also known as penetration testing) * Review/validate vulnerabilities reported via responsible disclosure program

* A passion for internet security and the desire to share that enthusiasm with others * Solid understanding of security tools (BurpSuite, etc) and vulnerability scanners * Knowledge of TCP/IP networking, and network services such as DNS, SMTP, DHCP, etc. * Code proficiency using one or more of the following languages: PHP, Java, SQL or Python * Excellent oral and written communication skills