Coalition is the leading provider of cyber insurance and security, combining comprehensive insurance and proactive cybersecurity tools to help organizations be resilient to cyber attacks. Cyber losses cost the global economy upwards of $1.5 trillion each year, and yet the majority of businesses are under-insured and under-prepared to manage and mitigate the risks of an increasingly digital world. Coalition is addressing this gap by providing no-cost cybersecurity tools to prevent losses, security and incident response services to contain them, and comprehensive insurance to help organizations recover from failures and breaches. We serve over 42,000 customers, ranging from small and midsize businesses to Fortune 500 companies.
Founded in 2017, Coalition has raised $300M from leading global technology investors, including Index Ventures, General Atlantic, Ribbit Capital, Vy Capital, Hillhouse Capital, and Valor Equity Partners, among others. Headquartered in San Francisco, Coalition’s team is global with employees based across the United States, Canada, the United Kingdom, Switzerland, and Portugal.
Our culture is one of character, humility, responsibility, purpose, and authenticity. We are growing rapidly and that growth is enabled by strong teamwork, communication, and mentorship. We want people who are passionate about becoming experts in both the business and the technologies that support it.
Our core platform is written mostly in Python with some services in Java and Go. We prefer to use the right tool for the job and make pragmatic decisions about how to scale and de-couple systems as we continue to grow. We’re looking for someone who can navigate a cloud environment (AWS) with many moving pieces and systems to help the team understand how they fit into the broader puzzle.
- Triage and prioritize application security vulnerabilities.
- Develop internal application security testing pipeline and review processes.
- Build and conduct secure coding training for all developers.
- Mentor and train engineers to build secure products
- Implement automated, proactive security measures (e.g., SAST/DAST).
- Develop Secure SDLC process and communicate process to Engineering.
- Building Application security metrics
- At least 3-5 years of direct experience either working on or leading an application security team.
- Experience conducting application security reviews.
- Experience with building/measuring metrics and KPIs to track application security issues
- Experience with source code repositories, CI/CD pipelines, and associated security tooling (e.g., GitHub, Drone, Buddy).
- Experience developing SDLC processes.
- Experience working with SAST/DAST and tools (e.g., Synopsys, Veracode, GitLab Secure, GitHub Advanced Security, etc.).
- Experience with threat modeling methodologies (e.g., STRIDE).
- Experience with Java, Go and Python secure coding assessments.
- Experience in API design and system architecture
- Experience in bug bounty management
- Teaching experience
We are all here to build something we believe in and to make a company that will last. We’re also assembling a team of expert incident responders, threat and malware researchers, and security analysts to protect our customers before, during, and after a cyber incident. Our goal is to harness the power of technology with the safety of insurance, to provide the first holistic solution to cyber risk. Coalition’s culture is one that strongly values humility, authenticity, and diversity. We want to work with people of different backgrounds and different paths in life, and we trust our team members to take responsibility, share ownership and work for one another. We are always looking for collaborative, inquisitive and dedicated individuals to join our team.
Recent press releases:
Coalition is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.