Staff Application Security Engineer
@ HoneyBook

Tel Aviv-Yafo, Tel Aviv District, Israel
$160,000
On Site
Full Time
Posted 18 hours ago

Your Application Journey

Personalized Resume
Apply
Email Hiring Manager
Interview

Email Hiring Manager

XXXXXXXX XXXXXXXXXXXXX XXXXXXXX***** @honeybook.com
Recommended after applying

Job Details

About HoneyBook

HoneyBook is the leading AI-powered business management platform for service-based business owners. Designed to enhance independent professionals, HoneyBook’s tools help businesses attract leads, connect with clients, book projects, and manage payments efficiently. With strong AI integration, entrepreneurs can scale their businesses with confidence.

Role Overview

As a Staff Application Security Engineer at HoneyBook, you will join the IT and Security team to ensure secure software practices across our products and services. You will collaborate with engineering teams, lead application and API security assessments, and drive our Secure Software Development Lifecycle (SSDLC).

Key Responsibilities

  • Collaborate with engineering teams to define and implement remediation strategies.
  • Design and drive SSDLC practices including security reviews and threat modelling.
  • Conduct threat modeling, architecture reviews, and security assessments.
  • Manage HoneyBook’s bug bounty program and maintain AppSec tools.
  • Review source code for vulnerabilities and guide remediation efforts.
  • Act as the contact for penetration tests and external security assessments.
  • Continuously research emerging security trends and frameworks.
  • Promote a security culture by educating engineering and DevOps teams.

Qualifications & Experience

  • 5+ years in Application Security or Secure Software Development.
  • Experience with modern web stacks, cloud-native architectures, APIs, and CI/CD pipelines.
  • Strong knowledge of OWASP Top 10 and secure coding practices.
  • Experience with security tools (Burp Suite, Oligo, VeraCode, SonarQube, etc.).
  • Hands-on code review and static analysis skills in languages like JavaScript, Python, Go.
  • Familiarity with AWS and infrastructure-as-code security.
  • Experience managing bug bounty programs and third-party testing engagements.
  • Excellent communication skills and cross-functional collaboration.
  • Certifications such as OSCP, GWAPT, CISSP, or CSSLP are a plus.

The Good Stuff

This role offers competitive salary plus equity, comprehensive benefits, and a mission-driven work culture focused on growth, collaboration and innovation.

Key skills/competency

Application Security, SSDLC, Threat Modeling, Code Review, Cloud Security, Bug Bounty, CI/CD, Security Tools, Vulnerability Assessment, Secure Coding

Apply without a personalized resume

How to Get Hired at HoneyBook

🎯 Tips for Getting Hired

  • Customize your resume: Highlight security experience and SSDLC skills.
  • Emphasize technical expertise: Detail cloud, API, and code review experience.
  • Showcase collaboration skills: Mention cross-team security initiatives.
  • Prepare for interviews: Review application security trends and case studies.

📝 Interview Preparation Advice

Technical Preparation

Review SSDLC and threat modeling frameworks.
Practice secure coding in JavaScript and Python.
Familiarize with cloud platform security, especially AWS.
Brush up on static and dynamic security analysis tools.

Behavioral Questions

Describe a time you resolved a security issue.
Explain teamwork during a high pressure project.
Share how you handle feedback on security recommendations.
Discuss adapting to rapidly changing security landscapes.

Frequently Asked Questions