Events  Classes  Deals  Spaces  Jobs  SXSW 
    Sign in  
ClassPass is a monthly fitness membership that lets you go to the best boutique fitness studios.
Engineering, Full Time    Missoula, New York, San Francisco    Posted: Thursday, March 07, 2019
Apply To Job

About ClassPass

ClassPass is transforming the $30B fitness industry by connecting people to over 1 million studio fitness classes annually, & inspiring them to live more actively. Since our founding in 2013, weve built the worlds leading fitness membership through a digital platform, proprietary technology, a global brand & an unparalleled community. Were revolutionizing fitness, & even after being recognized as one of Forbes Next Billion-Dollar Startups, we believe were just getting started.

Our growing team (now over 400 strong!) is a passionate, hard-working bunch that believes in having a real impact on our customers' lives. We take work & working out seriously. Were as inspired by the 35M+ reservations made to date as we are by the life-changing stories we receive from our members & studios, which is why we work together every day to innovate, create, & discover new ways we can make the world a more active place.

We are looking for an Application Security Engineer who can help the Company reduce risks associated with code exploits & help meet the requirements of modern compliance initiatives such as SOC 2. In this role, you will work closely with members of the Product, Engineering & Business Intelligence teams to improve the security of both internal & customer facing services.


  • Work closely with front-end & backend engineers to adopt strong security practices when creating UIs & APIs
  • Work closely with product managers to prioritize roadmap items that support the Companys security initiatives
  • Manage internal application security scans & external penetration testing in support of SOC 2 compliance
  • Proactively investigate code bases for security vulnerabilities & contribute to the development of security-related code for front-end & backend services
  • Report on security risks to stakeholders at all levels of the organization ranging from ICs to executives
  • Investigate & potentially manage the implementation & operation of an SIEM solution.


  • 5+ years of demonstrated experience in the following areas:
    • REST API design, Java & Python
    • modern application frameworks, especially ReactJS & Django
    • cloud computing environments, especially AWS
  • Knowledgeable in vulnerabilities affecting modern web applications, their remediation & compensating controls
  • Experience meeting the requirements of a well known compliance standard such as SOC 2, PCI-DSS, etc
  • Experience with penetration test tools & methods, ability to run standard pen test suites against the internal & public facing infrastructure
  • Strong communication & collaboration skills, able to communicate highly technical security related information to stakeholders throughout the company
  • Ability to understand a distributed system by pulling together information from various sources like the AWS console, dockerfiles, git, etc
  • Experience in network engineering, system administration or database administration is a plus
Apply To Job
© 2019 GarysGuide      About   Terms   Press   Feedback