Staff Application Security Engineer @ Peloton

ABOUT THE ROLE

The Staff Application Security Engineer is instrumental in ensuring Peloton’s applications, services, and systems are implemented and secured with industry standard processes. The candidate will help define and mature the application security program, security policy and standards and will coordinate with engineering and platform partners to ensure the security bar is upheld. The candidate will work with multiple and diverse teams across Peloton including, but not limited to Product, Platform, and Ecommerce Engineering, Legal, Enterprise IT Operations and Security Response. They will coordinate the actions of each and ensure collectively we are working as “one Peloton” to protect our members and the team.

The role plays a critical function in constantly evolving Peloton’s risk assessment and security review capabilities, ensuring the underlying data related to security defects is used to constantly improve the security of Peloton's products and services. The ideal candidate is a proven engineer that has both exemplary engineering and interpersonal skills. They have extensive experience collaborating with internal engineering partners. They are a proven security technology and methodology expert that scales through enabling other engineering partners to make the right security design decisions and trade-offs.

YOUR DAILY IMPACT AT PELOTON

Security Design Reviews/threat models: Ensure security guarantees are integrated into products by conducting thorough reviews of design and implementations.
Developer Guidance: Provide guidance and education to engineering and product teams on available security controls and their appropriate use to help prevent vulnerabilities.
Collaboration with Engineering Teams: Partner closely with product and engineering teams to design solutions that are secure by default.
Expertise in Web and Mobile Security: Serve as a trusted advisor, offering web and mobile security expertise to enable engineering and product teams to make informed, confident decisions.
Automated Analysis and Secure Frameworks: Scale security efforts by integrating automation for the identification, prioritization, and remediation of vulnerabilities. Empower engineering teams through automation, security guidance, tooling, patterns, and training to scale security practices across the organization.

YOU BRING TO PELOTON

7+ years of application security experience
2+ years experience with understanding devsecops pipelines
3+ years experience with software development preferred but not required
Has proven experience in security automation, DevSecOps, SRE, or a similar role.
Working knowledge of one or more general purpose programming/script languages, preferably Python
Contributions to the security community (public research, blogging, presentations, bug bounty, etc.) would be a plus
Has a solid understanding of cybersecurity threats, vulnerabilities, and mitigations.
Has excellent problem-solving skills, with the ability to work independently and handle multiple tasks.
Experience writing software that enables security processes
Breadth of applied knowledge across application and infrastructure security
Facilitate high impact, cross-team security initiatives
The capability to establish clear next steps when facing uncertain situations without clear lines of ownership
An ability to think creatively and holistically about reducing risk in a complex environment
Demonstrates a focused approach, consistently achieving measurable improvements to the security posture of applications and systems.
Exceptional ability to build relationships across diverse multi-functional teams.
Exceptional written/oral communication skills.
Exceptional bias for action and ownership.

#LI-AC1

#LI-Hybrid

The base salary range represents the low and high end of the anticipated salary range for this position based at our New York City headquarters. The actual base salary offered for this position will depend on numerous factors including individual performance, business objectives, and if the location for the job changes. Our base salary is just one component of Peloton’s competitive total rewards strategy that also includes annual equity awards and an Employee Stock Purchase Plan as well as other region-specific health and welfare benefits.

As an organization, one of our top priorities is to maintain the health and wellbeing for our employees and their family. To achieve this goal, we offer robust and comprehensive benefits including:

- Medical, dental and vision insurance

- Generous paid time off policy

- Short-term and long-term disability

- Access to mental health services

- 401k, tuition reimbursement and student loan paydown plans

- Employee Stock Purchase Plan

- Fertility and adoption support and up to 18 weeks of paid parental leave

- Child care and family care discounts

- Free access to Peloton Digital App and apparel and product discounts

- Commuter benefits and Citi Bike Discount

- Pet insurance and so much more!

Base Salary Range

$215,029—$290,289 USD

ABOUT PELOTON:

Peloton (NASDAQ: PTON) provides Members with expert instruction, and world class content to create impactful and entertaining workout experiences for anyone, anywhere and at any stage in their fitness journey. At home, outdoors, traveling, or at the gym, Peloton brings together innovative hardware, distinctive software, and exclusive content. Founded in 2012 and headquartered in New York City, Peloton has millions of Members across the US, UK, Canada, Germany, Australia, and Austria. For more information, visit www.onepeloton.com.

Peloton is an equal opportunity employer and complies with all applicable federal, state, and local fair employment practices laws. Equal employment opportunity has been, and will continue to be, a fundamental principle at Peloton, where all team members, applicants, and other covered persons are considered on the basis of their personal capabilities and qualifications without discrimination because of race, color, religion, sex, age, national origin, disability, pregnancy, genetic information, military or veteran status, sexual orientation, gender identity or expression, marital and civil partnership/union status, alienage or citizenship status, creed, genetic predisposition or carrier status, unemployment status, familial status, domestic violence, sexual violence or stalking victim status, caregiver status, or any other protected characteristic as established by applicable law. This policy of equal employment opportunity applies to all practices and procedures relating to recruitment and hiring, compensation, benefits, termination, and all other terms and conditions of employment. If you would like to request any accommodations from application through to interview, please email: [email protected].

Qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act, the City of Los Angeles Fair Chance Initiative for Hiring Ordinance and the San Francisco Fair Chance Ordinance, as applicable to applicants applying for positions in these jurisdictions.

Please be aware that fictitious job openings, consulting engagements, solicitations, or employment offers may be circulated on the Internet in an attempt to obtain privileged information, or to induce you to pay a fee for services related to recruitment or training. Peloton does NOT charge any application, processing, or training fee at any stage of the recruitment or hiring process. All genuine job openings will be posted here on our careers page and all communications from the Peloton recruiting team and/or hiring managers will be from an @onepeloton.com email address.

If you have any doubts about the authenticity of an email, letter or telephone communication purportedly from, for, or on behalf of Peloton, please email [email protected] before taking any further action in relation to the correspondence.

Peloton does not accept unsolicited agency resumes. Agencies should not forward resumes to our jobs alias, Peloton employees or any other organization location. Peloton is not responsible for any agency fees related to unsolicited resumes.

Staff Application Security Engineer

Peloton

Compensation Overview

Simplify's Take

What believers are saying

What critics are saying

What makes Peloton unique

Benefits

Growth & Insights and Company News

6 month growth

1 year growth

2 year growth