Dear Snyk Talent Acquisition team,
I would like to apply for the Application Security Engineer role you have posted on your careers page. My focus these past few years has been application security, and I would be glad to bring that to your team.
Ahead of writing I read about Snyk, and what stood out was your developer-first security tooling and the appsec research your team keeps publishing. This looks like a strong time to join, and I would gladly put my application security experience to work there.
Reading the posting, the three needs that stand out most are secure code review and SAST, threat modeling and design review and vulnerability management and remediation. Those decide whether an appsec hire works out, and I have real results behind each.
On secure code review and SAST, my daily tools are SAST, Semgrep and code review. As an Application Security Engineer at GitLab, I handled running secure code reviews on 60+ services a quarter. Beyond that, I built the SAST pipeline the engineering org relies on now.
For threat modeling and design review, I rely on threat modeling, STRIDE and design review. During my time as an Application Security Engineer at GitLab, I took on leading threat models on every new design before it shipped.
On vulnerability management and remediation, I bring SCA, dependency scanning and remediation. Working as an Application Security Engineer at GitLab, I owned standing up the vulnerability management program from scratch. Beyond that, I cut average remediation time on critical findings from weeks to days.
I would be glad to walk through this in an interview and show why I fit. I am ready to find the flaws before attackers do and help your engineers fix them fast, and to grow with the team.
I would be glad to find a time to talk.
Yours sincerely,
Theo Script
theo.script@gmail.com