Application Security Engineer

  • Remote USA, REMOTE, United States
  • Employees can work remotely
  • Full-time

Company Description

Are you ready to trade your job for a journey? Become a FlyMate! 

Passion, excitement & global collaboration are all core to what it means to be a FlyMate. At Flywire, we’re on a mission to transform receivables and deliver on the most mission critical payments across education, healthcare, travel and B2B. We’ve got a leading technology platform and a global payments networked that is unrivaled. What more do we need to truly be unstoppable? Perhaps that is you! ​​​​​​

Who we are:

Flywire was founded in 2011 by a former international student, who experienced firsthand all the challenges of paying for college from another country—and made it his mission to solve them.

Today, Flywire has applied our high tech payments platform combined with our owned global payments network to expand and digitise the payment experience for over 3,000 education, healthcare, travel & B2B clients world-wide, processing more than $16B and covering more than 240 countries and territories globally. And, we’re just getting started!

With over 500 FlyMates distributed across 12 offices world-wide and representing more than 32 nationalities, we’re looking for FlyMates to join the next stage of our journey as we continue to grow.

Job Description

The Opportunity:

We are looking to hire an eager and skillful Application Security Engineer. This individual will support our Security Team in providing security support for our development houses and ensure the privacy and security of confidential business and personal information.

Please note: We will need this person to go to the Chicago office 1-2 days per week.

Key Responsibilities:

  • Draft security requirements for any system, service, or integration needed by Flywire

  • Collaborate frequently with different engineering teams to identify and address security issues

  • Attend the daily stand ups when needed to ensure that product features have security "built in"

  • Perform technical tasks on the change and integration reviews

  • Contribute to automated security controls we are building

  • Have a part in every aspect of the development lifecycle


FlyMate Skills and Qualifications:

  • 3+ years of application security experience (some of the things that will be useful are: source code auditing, penetration testing, product assessments, vulnerability research, reverse engineering, development of security tools and automation)

  • Influence the design and implementation of upcoming products and services with security and privacy by design mindset

  • A "breaker" mentality, but effective at crafting the mitigating controls

  • Working experience in authentication technologies, including OAuth, SAML, and SSO

  • Proven knowledge of applied cryptography

  • Familiarity with the Ruby on Rails, Java language and modern web development (e.g. JavaScript, AngularJS, Node.js, etc.)

  • Understanding of OWASP security concepts and common application security risks, such as XSS, CSRF, SQL Injection, Cookie Manipulation, etc

  • Experience with web application security, DevSecOps and/or secure SDLC

  • Provide hands-on remediation guidance to development teams

  • Proven interpersonal skills: ability to explain complex technical issues to both technical and non-technical audiences, so you will need to have strong communication and collaboration skills, and most importantly, empathy.

Additional Information

Flywire is an equal opportunity employer. With over 30 nationalities across 9 different offices, and diversity and inclusion at the core of our people agenda, we believe our FlyMates are our greatest asset, and we’re excited to watch our unique culture evolve with each new hire.

Flywire participates in E-Verify for U.S. employees.

Privacy Policy