• Conduct security assessments using SAST, DAST, and SCA tools to identify vulnerabilities in applications • Perform code reviews and provide secure coding guidance to development teams • Implement and maintain GitHub Advanced Security, including secret scanning and code scanning • Assess and improve security of Infrastructure as Code (IaC) deployments using Terraform • Evaluate container security in our Docker and Kubernetes environments • Support CI/CD security integration and automation • Conduct penetration testing and red team/purple team exercises on applications • Review and secure API implementations, with focus on GraphQL security • Evaluate AI/ML model security and implement protections against prompt injection and other AI-specific threats • Collaborate with the Staff AppSec Engineer on CIAM and advanced AI security initiatives • Maintain security documentation and contribute to security awareness training

• Collaborate with the Webflow engineering team to secure Webflow’s web application platform and ecosystem. • Bring security best practices to the software development lifecycle. • Champion security standards while balancing business strategies and requirements. • Support Webflow’s security compliance frameworks • Find security vulnerabilities through grey-box techniques • Propose solutions at the architecture and code level. • Contribute code and architecture improvements to enable security within Webflow’s application. • Cross-train entry and mid-level application security engineers.

• Own the long-term technical direction for application security across Thumbtack • Lead large, cross-functional security initiatives from problem definition through delivery • Design secure architectures and implement shared security tooling • Partner with teams to prioritize security investments based on risk and impact • Mentor engineers and drive organization-wide improvements in application security

• Develop and maintain high-quality VOIP applications that meet customer needs, focusing on reliability, performance, and scalability. • Integrate VOIP solutions with third-party systems, ensuring seamless communication between internal and external platforms. • Provide support for complex VOIP issues, including system failures, call quality problems, and application errors. Work to quickly diagnose and resolve issues. • Work closely with cross-functional teams, including engineering, product management, and operations, to ensure seamless deployment and operation of VOIP applications. • Test new VOIP features, products, and services, ensuring they meet quality standards before deployment. • Create and maintain technical documentation for VOIP applications, including system architecture, troubleshooting guides, and integration processes. • Continuously monitor and optimize VOIP applications to improve performance, scalability, and user experience. • Ensure VOIP applications meet security standards and compliance requirements. • Assist internal and external teams with troubleshooting, providing solutions, and offering expert guidance on VOIP-related issues. • Stay current with emerging VOIP technologies and trends, contributing to the development of new features and improvements to existing applications.