Offer summary

Qualifications:

8+ years of experience in application security and secure software development., Deep understanding of authentication and authorization protocols like OAuth and SAML., Hands-on experience with SAST and SCA tools, and proficiency in programming languages such as Python or Java., Excellent communication skills and a passion for security and continuous learning..

Key responsabilities:

Perform secure design and code reviews to identify and prioritize risks and vulnerabilities.

Drive remediation of critical vulnerabilities and communicate risks to stakeholders.

Mentor junior security engineers and guide teams on secure software development best practices.

Continuously improve security posture through architecture enhancements and secure coding practices.

Job description

Job Description

Staff Application Security Engineer

Remote (Anywhere), United States

As a Staff Application Security Engineer at Chegg, you'll shape how security integrates into our product lifecycle, development pipelines, and developer onboarding. We're seeking a curious, collaborative, and strategic security professional to define, lead, and evolve our application security practices alongside product and infrastructure engineering teams.

What You'll Do:

Perform secure design and code reviews, identifying and prioritizing risks, attack surfaces, vulnerabilities, and providing mitigation strategies.

Drive the remediation of critical vulnerabilities and clearly communicate risks and solutions to stakeholders.

Proactively eliminate entire vulnerability classes through security architecture improvements and secure coding practices.

Continuously improve Chegg’s security posture with software and service platforms including Hackerone, Cobalt.io, and Wiz.io.

Mentor and guide junior security engineers and cross-functional teams on secure software development best practices.

What You'll Bring:

8+ years of experience in application security, secure software development, and cloud infrastructure security.

Experience securing APIs, microservices architectures, and addressing modern infrastructure security challenges.

Deep understanding of authentication and authorization protocols such as OAuth, OIDC, SAML, and JWT.

Hands-on experience with static application security testing (SAST) and software composition analysis (SCA) tools.

Developer-level proficiency in at least one programming language—preferably Python, Java, JavaScript, or Golang.

Familiarity with front-end and back-end technologies such as React, Next.js, TypeScript, Node.js, GraphQL, and/or Java.

Creative, resourceful, and adaptive problem-solving capabilities.

Excellent communication skills, both written and oral, with the ability to effectively engage with stakeholders at all levels.

Strong ability to work independently and collaboratively across various teams, linking tactical initiatives to long-term strategic outcomes.

A genuine passion for security and continuous learning.

Stand-Out Qualifications:

Proven track record mentoring and developing junior team members.

Relevant experience in offensive security, penetration testing, or red teaming.

Expertise of cloud-native (AWS) technologies including containers, Kubernetes, and infrastructure-as-code (Terraform).

Experience with Gitlab CI/CD.

Contributions to the security community through open-source projects, research papers, or conference presentations.

The pay range for this position is $110,880 – 323,400. The actual pay will vary based on geographic location, job requirements, professional experience, and other factors. In addition, Chegg offers a comprehensive benefits plan for eligible employees, including medical, dental, vision, life and supplemental life insurance, short-and long-term disability, mental health support, parental leave, paid time off, volunteer time off, paid holidays, 401(k) with matching contributions, Flexible Spending Account (FSA) and Health Savings Account (H.S.A.) options, an Employee Stock Purchase Plan, an Employee Referral Program, Tuition Reimbursement, and other benefits found at: https://www.chegg.com/about/working-at-chegg/benefits/.

#LI-Remote

Why do we exist?

Students are working harder than ever before to stabilize their future. Our recent research study called State of the Student shows that nearly 3 out of 4 students are working to support themselves through college and 1 in 3 students feel pressure to spend more than they can afford. We founded our business on provided affordable textbook rental options to address these issues. Since then, we’ve expanded our offerings to supplement many facets of higher educational learning through Chegg Study, Chegg Math, Chegg Writing, Chegg Internships, Thinkful Online Learning, and more to support students beyond their college experience. These offerings lower financial concerns for students by modernizing their learning experience. We exist so students everywhere have a smarter, faster, more affordable way to student.