Senior Application Security Engineer (PHP)

Job Description

About LastPass
LastPass is a leader in password and identity management, making it easier to log into life and work. Trusted by 100,000 businesses and millions of users, LastPass combines advanced security with effortless access for individuals, families, small business owners, and enterprise professionals. With LastPass, important credentials are protected and private – and always within reach.

We welcome new ideas, support your growth, and recognize your value, if this aligns with what you are looking for in your next career move, Join Us!

LastPass is looking for a Senior Application Security Engineer (PHP):

The LastPass Product Security team is looking for a candidate for the position of Senior Application Security Engineer to join our team and help us ensure the security of our applications. We are a team of talented application security engineers who work in direct partnership with our engineering and platform teams.

If you are passionate about complex problem solving and motivated by scale, then this is the role for you! 

Who will you work with? 

As a Senior Application Security Engineer at LastPass, you will collaborate with software engineers, product owners, and our architecture team to ensure security best practices are implemented across our products.

What are some of the exciting challenges you will be working on? 

  • Be part of a dedicated application security team responsible for enhancing the product security of LastPass.
  • Work closely with engineering and platform teams to understand their application security needs.
  • Utilize your knowledge of security architecture to ensure that our teams build secure products and services from the ground up.
  • Conduct application security design reviews, threat modeling, and code reviews.
  • Debug and troubleshoot complex server-side applications written in PHP.
  • Apply your penetration testing skills to strengthen our internal and external applications and services.
  • Support our bug bounty security researcher community and maximize learning opportunities within our engineering processes.

What does it take to work at LastPass?

  • Excellent written and verbal communication skills in English
  • Deep technical knowledge in web application security
  • Experience in developing and/or securing web applications written in PHP
  • Basic knowledge of Docker and container security
  • Previous experience with threat modeling, testing, and analyzing server-side applications
  • A knack for identifying flaws in software and the ability to effectively communicate how to fix them
  • Previous experience working closely with engineering teams and supporting them throughout the SDLC (Software Development Life Cycle)
  • Team player with a hands-on and can-do attitude

It is great, but not required:

  • Experience with .NET or JavaScript/TypeScript
  • Experience with React
  • Experience with GitLab CI/CD
  • Experience with AWS (Amazon Web Services)

 

Why LastPass? 

  • Market-leading password manager
  • High-growth, collaborative environment with inclusive teams
  • Remote first culture
  • Competitive compensation 
  • Flexible Paid time off policies including but not limited to: Monthly self-care days (12 extra paid days off annually), volunteering days
  • Generous Parental leave
  • Comprehensive health coverage, dependents included
  • Home office setup support
  • LastPass families free account up to 5 members
  • Continuous learning and development opportunities

Unlock your potential with us - your skills, experience, and unique perspective matter more than just checking the boxes. Apply today, and let's build the future together!

We’re building an inclusive community that reflects the people of all races, genders, sexual orientations, national origins, backgrounds, and perspectives who share our world.

For all US based jobs please review our Applicant Privacy Notice

For all EU based jobs please review our Candidate Privacy Notice 

Please review our CCPA Notice