Peloton // connected indoor fitness cycles
Engineering, Full Time    New York City    Posted: Friday, October 30, 2020

The Cybersecurity team at Peloton has oversight of the security practices of the entire organization, establishing security policies & best practices and automating them where possible. We are looking for a Sr. Application Security Engineer to join our growing team and work across the company. As a Sr. Application Security Engineer, you would ensure the security of Peloton's products & services.


  • Integrate security into the CI/CD pipeline
  • Perform penetration testing & code reviews of web & mobile applications
  • Perform design reviews and threat modeling of web & mobile applications
  • Provide remediation guidance to respective development teams
  • Create & maintain application security best practices
  • Work with engineering teams in the design phase of new products & features
  • Institute Security training & outreach to Peloton engineering teams
  • Develop & automate security tools & processes


  • You have 4+ years of experience working on a security team performing technical security assessments on modern web applications, APIs, & mobile applications within cloud hosted environments such as AWS & GCP  
  • Experience building security into the SDLC.
  • Experience with CI/CD platforms: Jenkins, CircleCI, etc.
  • Experience with secure code review in languages such as JavaScript, Python, C/C++, & Java
  • Experience developing with common scripting languages such as Python, Bash, etc.
  • Familiarity with common web application testing tools for DAST, SAST, & IAST analysis such as Burp Suite, Snyk, Checkmarx, & Netsparker
  • Knowledge of software security testing procedures across multiple platforms & Operating Systems
  • Understanding of Agile software development methods & familiarity with enterprise productivity tools such as JIRA, Confluence
  • Experience instituting organizational change with respect to security
  • Effective spoken & written communicator to multiple audiences

Bonus points for:

  • Experience with securing mobile platforms, iOS, Android, & associated frameworks
  • Experience with hacking IoT devices
  • Experience & familiarity with NIST, PCI, et al. frameworks.
  • Experience with bug bounty programs
  • Experience with CDNs such as Fastly, Cloudflare, CloudFront, Akamai


Peloton is the largest interactive fitness platform in the world with a loyal community of more than 3 million Members. The company pioneered connected, technology-enabled fitness, & the streaming of immersive, instructor-led boutique classes for its Members anytime, anywhere.

Peloton makes fitness entertaining, approachable, effective, & convenient, while fostering social connections that encourage its Members to be the best versions of themselves.

An innovator at the nexus of fitness, technology, & media, Peloton has reinvented the fitness industry by developing a first-of-its-kind subscription platform that seamlessly combines the best equipment, proprietary networked software, & world-class streaming digital fitness & wellness content, creating a product that its Members love.

The brand's immersive content is accessible through the Peloton Bike, Peloton Tread, Peloton Bike+, Peloton Tread+, & Peloton App, which allows access to a full slate of fitness classes across disciplines, on any iOS or Android device, Apple TV, Fire TV, Roku TVs, & Chromecast & Android TV.

Founded in 2012 & headquartered in New York City, Peloton has a growing number of retail showrooms across the US, UK, Canada & Germany. For more information, visit
