Senior Application Security Engineer

About us

At Udemy, we’re on a mission to transform lives through learning. Through our intelligent skills platform and a global community of instructors, we’ve helped over 70 million learners and 16,000 organizations achieve their goals. Come join us in ensuring everyone, everywhere has access to the skills they need to unlock their potential and create possibilities for themselves and others. About you

You’re an analytical problem-solver ready to put your skills toward purposeful work that has a global impact. You want to lead the way in innovation, exploring the latest technologies and finding new solutions. You thrive in a collaborative environment and are eager to work with and learn alongside the best in Product, Design, and Engineering.

• Contribute to functional specifications and participate in code reviews to include secure-by-design functionality.
  
• Write and execute test plans for maintainable code whether implementing backend security improvements, user-facing security features, or fixing defects.
  
• Work independently, with guidance from a senior engineer.
  
• Follow industry trends on new technologies, best practices and solutions.
  
  What you’ll have
  
  • Minimum of 4+years of professional experience with security by design principles and software development life cycle.
    
  • Knowledge of Web security, such as headers, cookies, CORS, XSS, CSP.
    
  • Knowledge of industry standard application security standards or frameworks for Web and mobile services specially Spring Boot, Django
    
  • Familiarity with object-oriented programming specially Kotlin, Python, JavaScript, Go and cloud technologies like AWS, GCP.
    
  • Experience with Git or other versioning systems.
    
    We understand that not everyone will match each of the above qualifications. However, we also realize that everyone has unique experiences that can add value to our company. Even if you think your background might not perfectly align, we'd love to hear from you!
    
    Nice to have :
    
    • Fundamental knowledge of authentication technologies; OAuth, SAML, OIDC, JWT.
      
    • Experience working on a team in full stack software development, including practices like continuous integration, unit testing, code reviews, pull requests, and documentation.
      
    • Experience with cloud-native landscape and containerized architecture.
      
    • Experience in using SAST, SCA, DAST tools and integrating them as part of CI/CD pipeline
      
    • Performed role of a security champion
      
    • Experience in bug bounty programs either have submitted bug bounty or as a triager
      
      Life at Udemy
      
      We aspire to be as vibrant and dynamic as the communities we serve, as inquisitive as those who use our platform, and as revolutionary as the future we strive to open for everyone. Here are some of the things we love about life at Udemy:
      
      We’re invested in creating an inclusive environment that welcomes a diverse range of backgrounds and experiences. From creating employee resource groups, ensuring we’re a Fair Pay Workplace, and building a flexible work culture, our belonging, equity, diversity, and inclusion (BEDI) initiatives always put our people first. We want you to be able to bring your authentic self to work because when we all do, we’re better for it.
      
      • Learning is what we do - inside and out. Our Learning &; Development team is second to none, helping ensure your journey is one of continuous progression. You’ll also have unlimited access to Udemy courses, monthly UDays (meeting-free professional development days), and a generous annual professional development stipend.
        
        
      • Our reason to exist is to revolutionize learning - that calls for taking risks and learning from failures. Whether it’s our hackathons (a company-wide effort to envision new possibilities for our product) or sharing our prototypes, we see experimentation as a crucial step on the path to success.
        
        
      • We’re committed to creating world-class employee experiences and are proud of the recognition of this by Great Place to Work.
        
        Of course, the best thing about being part of Udemy is knowing your work makes a difference for people and organizations around the world. You’ve got the skills; why not use them to help others develop theirs?
        
        At Udemy, we value diversity and inclusion and consider qualified applicants without regard to race, color, religion, sex, national origin, ancestry, age, genetic information, sexual orientation, gender identity, marital or family status, veteran status, medical condition, or disability.
        Our Benefits Start With U
        
        Our benefits package at Udemy "starts with U” and is grounded in mission-driven benefits that intentionally align with our core values. Here’s a sneak peek at just a few highlighted benefits if you’re a full-time Udemate based in the India:
        
        • Core Benefits: Comprehensive medical, life and income protection coverage
          
          
        • Parental Benefits: Financial assistance for fertility (including egg-freezing), adoption, and surrogacy expenses; twelve weeks of paid family bonding for birth, surrogacy, adoption, and foster placement. 26 weeks paid maternity leave for birthing parents as well as a two-week "ease-back” program that enables parents to return part-time at full pay
          
          
        • Whole U: Fully paid memberships for meditation/mindfulness, therapy/coaching visits, financial planning, fertility and family building, maternity and newborn care, parenting and pediatrics, menopause care, breastmilk shipping, and caregiving support
          
          
        • Learning: Free access to Udemy and Udemy Business plus a yearly stipend to spend on professional development
          
          
        • Retirement: 12% of your base salary or INR 1,800 per month
          
          
        • Charitable Giving: Corporate charitable match for eligible nonprofits and charities
          
          Holidays: 25 paid holidays throughout the year plus bank holidays
          About our APAC region
          
          When you join Udemy in our Asia Pacific (APAC) region, you’ll have the chance to help our globally established business grow locally. We have a solid foundation and a great reputation - and you can be part of the next stage of our journey.
          
          Our investment in the region is significant, with offices in Australia and India and an expanding presence in Singapore, Indonesia, Japan, and beyond. It comes with countless opportunities to make learning more accessible to millions. You’ll work with various cultures with unique needs, affording you the chance to learn and progress in your career. And that progression doesn’t come at the cost of work-life balance; people are at the heart of our mission, which is why we’re committed to looking after ours.
          
          Information regarding data privacy is available within the Udemy Careers Privacy Notice .
          
          #LI-MG1