Software Security Engineer

Save to Kiter
What Strava is looking for in applicants

About This Role

Strava is the leading social platform for athletes and the largest sports community in the world, with over 85 million athletes in 195 countries. If you sweat you’re an athlete, and Strava’s mobile apps and website connect millions of active people every day!

This role is on the Strava Security Engineering Team, the team that secures our athletes’ experiences on Strava. Strava users upload roughly 40 million activities per week, for a lifetime total of over 5 billion activities handled by our systems. The Security Engineering team strives to exceed our athletes’ expectations for security, privacy, trust, and safety throughout their experience.

We are a team that partners with other teams at Strava including engineering, product, privacy, legal, and others to serve our community of athletes. To protect our athletes, we look to build security into the code created and consumed by all engineering teams at Strava. We want to use modern secure coding practices, continuously educate our developers, safely consume open source software, and create assurance when incorporating 3rd party APIs and services. These practices also need to support our development velocity as a growth oriented company, and align with our mission & values.


You’re excited about this opportunity because you will:

  • Secure & scale software security for all the code that makes Strava possible

  • Design software security models & processes that empower your engineering colleagues, providing them the foundations to deliver secure products.

  • Find mentorship and growth opportunities with more experienced engineers on your team and beyond.


You will be successful here by:

  • Demonstrating empathy for other engineers and thinking about how you can empower them to build a secure platform with a safety net that helps them

  • Having an eye for detail and thoroughness, as you will work on the most important production systems at Strava.

  • Displaying ownership of your work by managing to balance security, developer experience, and an ever changing risk landscape


We’re excited about you because you:

  • Have a passion for the security, reliability, scalability, and usability of what all our engineers create.

  • Own your work, from identifying & prioritizing software security issues, to implementing automated scalable solutions, and supporting developer experience in the process.

  • Love working with developers, and helping them build their best code

  • Are security-minded when developing and working on systems, and able to share that passion with others who may not have a security background


Some of our Technical Expectations

We’re not looking for 100% coverage; if you have experience in any of these technologies, we’d love to hear from you:

  • Experience with at least one programming language such as Ruby, Scala, Python, or Java

  • Experience with secure coding, OWASP Top Ten, CWE/SANS Top 25, etc.

  • Experience working with both security professionals AND developers

  • Familiar with application security tools such as static analyzers, dynamic analyzers, fuzzing, dependency analysis, etc.


About Strava

Strava is Swedish for “strive,” which epitomizes who we are and what we do. We’re a passionate and committed team, unified by our mission to connect athletes to what motivates them and help them find their personal best. And with billions of activity uploads from all over the world, we have a humbling and audacious vision: to be the record of the world’s athletic activities and the technology that makes every effort count.  

Strava builds software that makes the best part of our athletes’ days even better. And just as we’re deeply committed to unlocking their potential, we’re dedicated to providing a world-class, inclusive workplace where our employees can grow and thrive, too. We’re backed by Sequoia Capital, Madrone Partners and Jackson Square Ventures, and we’re expanding in order to exceed the needs of our growing community of global athletes. Our culture reflects our community – we are continuously striving to hire and engage diverse teammates from all backgrounds, experiences and perspectives because we know we are a stronger team together.

In light of the global pandemic, Strava is currently working in a fully remote capacity. As always, we remain committed to fully supporting our employees, especially their mental health and wellbeing, through these challenging times. Despite challenges in the world around us, we are continuing to grow camaraderie and positivity within our culture and we are unified in our commitment to becoming an antiracist company. We are differentiated by our truly people-first approach, our compassionate leadership, and our belief that we can bring joy and inspiration to athletes’ lives — now more than ever. All to say, it’s a great time to join Strava!

Strava is an equal opportunity employer. In keeping with the values of Strava, we make all employment decisions including hiring, evaluation, termination, promotional and training opportunities, without regard to race, religion, color, sex, age, national origin, ancestry, sexual orientation, physical handicap, mental disability, medical condition, disability, gender or identity or expression, pregnancy or pregnancy-related condition, marital status, height and/or weight.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

California Consumer Protection Act Applicant Notice

For more information on compensation and benefits, please click here

Want some tips on how to get an interview at Strava?

What is Strava looking for?
If this role looks interesting to you, a great first step is to understand what excites you about the team, product or mission. Take your time thinking about this and then tell the team! Get in touch and communicate that passion.
What are interviews for Software Security Engineer like?
Interview processes vary by company, role and team. The best plan is to see what others have experienced and then plan accordingly.
How to land an interview at Software Security Engineer?
A great first step is organizing your path to an offer. Check out Kiter for tools to get started!