VTS is changing the way that commercial real estate (CRE) is done - disrupting a $15 trillion dollar industry by becoming the modern operating system for CRE. We invented the category of leasing and asset management, which allows landlords and brokers to manage their entire leasing process to maximize revenue and performance. Our success shows in our numbers - we’ve grown 123% annually since 2013, and today we have over 11 billion square feet of commercial space managed on VTS, and we’ve expanded to ~200 employees globally. It’s an exciting time to join the VTS team as we continue to scale!
Our headquarters are in NYC, but we have hubs in other major US cities, Toronto, CA and London, UK.
Our mission is to be Commercial Real Estate’s modern operating system, the place where deals happen, customer relationships are nourished, and real-time market data comes to life.
We're growing at an incredible pace and are looking for an experienced Application Security Engineer to help make VTS a more secure application and protect our customers against security threats.
You will work closely with our engineering teams to ensure security is part of VTS technology design and development workflows. Code reviews, security architecture reviews, and mentorship of engineers will be some of the tools you can wield to accomplish this.
Additionally, you will assist with research and development of projects that we could implement in-house to push the state of the art of application security that will be built into our products.
What you'll do
Architect, evaluate, build, and support security-focused tools and services
Contribute code that improves security throughout VTS’ products
Build mitigations and remediations for security vulnerabilities with your fellow engineers
Identify and assess security risks, model threats, and develop mitigation plans
Perform application security software and configuration reviews spanning a wide range of digital technologies (web, mobile, embedded)
Perform cloud infrastructure reviews to ensure we build in a safe-by-default manner, minimizing access risks
Support third-party audits of our application, including SOC2 and Pen TestsEmpower developers to do their job securely without creating unnecessary friction
Educate your fellow engineers about security in application code and infrastructurePromote security within VTSRecommend new security products and technologies
Advance your personal knowledge of application security to stay on the bleeding edge
3+ years of experience and knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP and BGP)
Experience protecting against and mitigating real-world attacks (DDoS, XSS, session-hijacking, SQL injection, CSRF, etc)
Diverse range of security experience at the enterprise level (information, application, network, and IT)
Knowledge of modern development and deployment processes used by consumer technology organizations
Solid understanding of web, mobile, and embedded systems software development
Solid understanding of modern developer platform and CI/CD practices
Solid experience with web, mobile, and embedded systems application pentesting
Experience reviewing cloud provider configs and deployment
Solid experience using a scripting language such as Python, Ruby, etc.
Solid understanding of Linux architecture and security
You want to crush entire bug classes, not play whack-a-mole
You want to work in a fast-paced, high-growth startup environment that respects its engineers and customers
We Take Care of You!
Competitive compensation packages, including equity
Great medical, vision, dental, and commuter benefits
Generous family policies
Training and career development programs for everyone in the company
Unlimited vacation policy
Team lunches, company happy hours, ample snacks and drinks
VTS clubs including rock climbing, skiing, baking, board-games, surfing, softball and more
VTS embraces diversity and equal opportunity in a serious way. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be.
All your information will be kept confidential according to EEO guidelines.