Application Security Engineer

MailChimp is the world's leading email marketing service. More than 10 million people and businesses use MailChimp to design and send 1 billion emails a day. We empower small businesses with a suite of powerful and easy-to-use email, marketing automation, and analytics tools that integrate with hundreds of popular applications and services.

MailChimp is looking for an extra-paranoid, detail-oriented Application Security Engineer to join our Operations team. Here's the opportunity to use your heroic hacking skills to protect our 8 million+ users and their subscribers from evil-doers. Save the MailChimp universe through vigilant monitoring, relentless pen testing and superb coding solutions! Of course, you should be well-versed on security risks/vulnerabilities, how to test for these risks, and what can be done to remediate any that are found.

• Work with development team to review code for possible security risks
• Promote paranoia and scare your fellow co-workers to ensure system security and to improve server and network efficiency
• Build internal tools that detect and respond to security issues
• Spend hours trying to break our app (also known as penetration testing)
• Review/validate vulnerabilities reported via responsible disclosure program

• A passion for internet security and the desire to share that enthusiasm with others
• Solid understanding of security tools (BurpSuite, etc) and vulnerability scanners
• Knowledge of TCP/IP networking, and network services such as DNS, SMTP, DHCP, etc.
• Code proficiency using one or more of the following languages: PHP, Java, SQL or Python
• Excellent oral and written communication skills