Full-Time

Sr. Staff Application Security Engineer

Updated on 4/30/2024

Aurora Innovation

Aurora Innovation

1,001-5,000 employees

Develops autonomous driving systems for vehicles

Industrial & Manufacturing
Data & Analytics
Hardware

Senior

San Francisco, CA, USA

Required Skills
Agile
Python
Go
Linux/Unix
Requirements
  • Ability to write production-quality code in C++, Golang, or Python
  • Foundational knowledge of operating system security for Linux
  • Foundational knowledge of the CWE Top 25
  • Experience in risk assessment, threat modeling, incident and emergency response, OS hardening, vulnerability management, pentesting, offensive security, or cryptographic protocols and concepts
  • Experience in vulnerability discovery and analysis, design review, and code-level security reviews
  • Experience in security engineering, computer and network security, authentication and security protocols, and applied cryptography
  • Experience with assessment, development, implementation, and documentation of security technologies and processes
  • Familiarity with automotive protocols and security standards
  • Experience in Security Assurance / Secure-SDLC processes in an agile / waterfall environment
  • Experience building and evaluating threat models / risk assessments
  • Experience and ability to implement best practices related to cryptographic protocols, infrastructure and network security
  • Minimum 8 years of experience in a security-specific or security-adjacent industry
  • Minimum 2 years of experience in the robotics or automotive industry or equivalent
Responsibilities
  • Perform secure design reviews and threat modeling
  • Perform security code reviews of source code changes and advise developers on remediating vulnerabilities and following secure coding practices
  • Perform technical security assessments and reviews, research, uncover, and reproduce vulnerabilities, design secure protocols and systems, and write tests and fuzzers to drive architecture changes
  • Manage the vulnerability management process and program through triage, prioritization, tracking, remediation, and validation of vulnerabilities from audits, scans and external reports
  • Employ techniques including reverse engineering, fuzzing, and static and/or dynamic analysis
  • Conduct research to identify new and novel attack vectors against Aurora’s products and services
  • Review, develop and document secure operational best practices, and provide security guidance for engineers and various internal and external partners
  • Develop and manage a secure software development lifecycle
  • Develop and manage a bug bounty program
  • Research, recommend, and develop security tools and technologies to strengthen defenses against emerging threats and vulnerabilities
  • Work with Engineering teams and OEMs to ensure successful security assurance of the Aurora Driver platform and services
  • Advocate, guide and mentor both security and non-security engineers to instill security best practices through secure architecture, design, and development

Aurora is developing the Aurora Driver, an intelligent autonomous driving system designed for multiple vehicle types, including freight-hauling trucks and ride-hailing passenger vehicles. The technology incorporates a fusion of sensor types, high definition mapping data, and continuous training on public roads and in virtual tests to ensure safe and efficient autonomous transport.

Company Stage

IPO

Total Funding

$5.4B

Headquarters

Mountain View, California

Founded

2017

Growth & Insights
Headcount

6 month growth

-1%

1 year growth

-10%

2 year growth

16%

Benefits

Medical, Vision, Life Insurance

Paid leave

Vacation, Holidays & Sick Time

LinkedIn Learning

Aurora Academy

401(k)

Commuter Benefits

Flexible Spending Account

Onsite Food

PerkSpot

Working from Home Support

Emotional & Physical Wellness

Employee Assistance Program