{"version":"0.1","company":{"name":"YubHub","url":"https://yubhub.co","jobsUrl":"https://yubhub.co/jobs/skill/secure-coding-principles"},"x-facet":{"type":"skill","slug":"secure-coding-principles","display":"Secure Coding Principles","count":2},"x-feed-size-limit":100,"x-feed-sort":"enriched_at desc","x-feed-notice":"This feed contains at most 100 jobs (the most recently enriched). For the full corpus, use the paginated /stats/by-facet endpoint or /search.","x-generator":"yubhub-xml-generator","x-rights":"Free to redistribute with attribution: \"Data by YubHub (https://yubhub.co)\"","x-schema":"Each entry in `jobs` follows https://schema.org/JobPosting. YubHub-native raw fields carry `x-` prefix.","jobs":[{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_aff17a60-097"},"title":"Application Security Engineer","description":"<p>As a Security Engineer focused on Application and Product Security, you will play a key role in improving the security posture of our applications, services, and development ecosystem.</p>\n<p>You will work closely with engineering teams to integrate security into the software development lifecycle, build secure-by-default patterns, and ensure that products are resilient against modern threats.</p>\n<p>This role combines hands-on technical work, security engineering, and collaboration with developers to guide secure design and remediation.</p>\n<p>You will help implement security controls, perform assessments, and contribute to the continuous improvement of our security program.</p>\n<p>Key responsibilities include:</p>\n<ul>\n<li>Integrating application security best practices into the development lifecycle by partnering with engineering teams and enabling automated security checks within CI/CD pipelines.</li>\n</ul>\n<ul>\n<li>Supporting and maintaining Application Security based tooling,including SAST, DAST, SCA, and secrets scanning,and helping developers interpret and remediate findings.</li>\n</ul>\n<ul>\n<li>Conducting secure code reviews, threat modeling sessions, and application architecture assessments to identify risks and propose mitigation strategies.</li>\n</ul>\n<ul>\n<li>Developing and maintaining security automation, guardrails, and reusable components.</li>\n</ul>\n<ul>\n<li>Assisting in defining and improving secure coding standards and application hardening practices.</li>\n</ul>\n<ul>\n<li>Supporting monitoring and detection efforts by helping improve application-level logging, telemetry, and alerting.</li>\n</ul>\n<ul>\n<li>Assisting in incident response activities related to application vulnerabilities, including verification, triage, and remediation support.</li>\n</ul>\n<ul>\n<li>Staying current on emerging threats, vulnerabilities, and best practices in application and product security.</li>\n</ul>\n<ul>\n<li>Contributing to documentation including security requirements, guidelines, and remediation playbooks.</li>\n</ul>\n<ul>\n<li>Participating in internal security reviews, compliance-driven assessments, and architectural walkthroughs.</li>\n</ul>\n<ul>\n<li>Developing and helping maintain existing application security tools, pipelines, and workflows.</li>\n</ul>\n<ul>\n<li>Collaborating with engineering and product teams to ensure secure deployment and continuous improvement of applications.</li>\n</ul>\n<p>Requirements include:</p>\n<ul>\n<li>A bachelor’s degree in Computer Science, Engineering, MIS, or equivalent practical experience.</li>\n</ul>\n<ul>\n<li>2–5 years of experience in application security, product security, software engineering with a security focus, or a related technical role.</li>\n</ul>\n<ul>\n<li>Strong understanding of application vulnerabilities and mitigation strategies (OWASP Top 10, CWE).</li>\n</ul>\n<ul>\n<li>Experience with CI/CD tooling, Git-based workflows, and modern development practices.</li>\n</ul>\n<ul>\n<li>Familiarity with cloud security concepts and hands-on experience with at least one cloud platform (AWS, Azure, or GCP).</li>\n</ul>\n<ul>\n<li>Experience with one or more programming languages such as Python, Go, Java, JavaScript/Typescript, or Ruby. (Java and Python preferred.)</li>\n</ul>\n<ul>\n<li>Experience with application security tools such as OWASP ZAP, Burp Suite, SAST/DAST tools, SCA, or dependency scanning.</li>\n</ul>\n<ul>\n<li>Knowledge of secure coding principles, API security, authentication, authorization, and secrets management.</li>\n</ul>\n<ul>\n<li>Strong problem-solving skills and the ability to communicate technical issues clearly to developers and cross-functional stakeholders.</li>\n</ul>\n<ul>\n<li>Understanding of agile development processes and working within engineering teams.</li>\n</ul>\n<ul>\n<li>Ability to Travel: This role will require 25% in-person travel for purposes including but not limited to new hire onboarding, team and department offsites, customer engagements, and other company events.</li>\n</ul>\n<p>This role is based in our Boston office and follows a hybrid model, with an expectation of being onsite 1-2 days per week.</p>\n<p style=\"margin-top:24px;font-size:13px;color:#666;\">XML job scraping automation by <a href=\"https://yubhub.co\">YubHub</a></p>","url":"https://yubhub.co/jobs/job_aff17a60-097","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Starburst","sameAs":"https://www.starburst.io/","logo":"https://logos.yubhub.co/starburst.io.png"},"x-apply-url":"https://job-boards.greenhouse.io/starburst/jobs/5119301008","x-work-arrangement":"hybrid","x-experience-level":"mid","x-job-type":"full-time","x-salary-range":"$130,000-$170,000 USD","x-skills-required":["CI/CD tooling","Git-based workflows","modern development practices","cloud security concepts","application security tools","secure coding principles","API security","authentication","authorization","secrets management"],"x-skills-preferred":["Python","Go","Java","JavaScript/Typescript","Ruby"],"datePosted":"2026-04-18T15:51:05.628Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Boston, MA"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"CI/CD tooling, Git-based workflows, modern development practices, cloud security concepts, application security tools, secure coding principles, API security, authentication, authorization, secrets management, Python, Go, Java, JavaScript/Typescript, Ruby","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":130000,"maxValue":170000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_9107fd86-b5c"},"title":"Software Engineer, Security","description":"<p>We are seeking a talented and experienced software engineer to join our Engineering team. The successful candidate will work closely with the research, product, solution, and program management teams to serve our frontier models to customers wherever they use our technology.</p>\n<p>Key responsibilities include:</p>\n<ul>\n<li>Ensuring fast and reliable launch of new models and new features to customers</li>\n<li>Building systems, APIs, and interfaces to interact with large language models</li>\n<li>Improving and extending the infrastructure needed to package, deploy, and integrate our core technology within first-party systems and third-party platforms</li>\n<li>Maintaining AI safety on third-party platforms</li>\n<li>Collaborating with internal and external stakeholders to ensure our services achieve high availability and deliver state-of-the-art performance for our users</li>\n</ul>\n<p>In addition to these responsibilities, the successful candidate will also focus on security aspects, including:</p>\n<ul>\n<li>Acting as a security advocate within the team, sharing best practices and raising awareness about secure coding principles</li>\n<li>Designing and implementing robust, secure systems, ensuring that all development adheres to the highest security standards</li>\n<li>Conducting in-depth reviews of code and architectural designs, focusing on identifying and mitigating security vulnerabilities</li>\n<li>Identifying, addressing, and mitigating vulnerabilities in applications and systems, ensuring proactive measures are in place</li>\n</ul>\n<p>The ideal candidate will have a Master&#39;s degree in Engineering or Computer Science, proven experience as a Software Engineer with a focus on backend or full-stack development, and hands-on experience working on security projects, integrating security considerations into software products or a past experience as SRE (Site Reliability Engineering).</p>\n<p>Familiarity with industry standards for secure software development (e.g., OWASP, ISO 27001), experience with vulnerability scanning tools, and secure development lifecycle (SDLC) practices are also desirable.</p>\n<p style=\"margin-top:24px;font-size:13px;color:#666;\">XML job scraping automation by <a href=\"https://yubhub.co\">YubHub</a></p>","url":"https://yubhub.co/jobs/job_9107fd86-b5c","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Mistral AI","sameAs":"https://mistral.ai"},"x-apply-url":"https://jobs.lever.co/mistral/9f6e6513-fd9e-411b-b558-540bc12b2fe4","x-work-arrangement":"onsite","x-experience-level":"mid","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["Python","Secure coding principles","Vulnerability scanning tools","Secure development lifecycle (SDLC) practices","Large language models","Cloud infrastructure management"],"x-skills-preferred":[],"datePosted":"2026-03-10T11:34:19.589Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Paris"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Python, Secure coding principles, Vulnerability scanning tools, Secure development lifecycle (SDLC) practices, Large language models, Cloud infrastructure management"}]}