at Webflow
Webflow is seeking an experienced Application Security Specialist to strengthen its platform's defensive infrastructure. This role is perfect for engineers who thrive at the intersection of development velocity and risk mitigation—professionals who understand that secure code practices, automated tooling, and robust processes are competitive advantages, not obstacles. You'll work directly with development teams to embed security into the build pipeline, mentor engineers on secure coding standards, and shape policies that scale across hundreds of thousands of users worldwide.
Join Webflow's security team to architect and implement application security controls across a Website Experience Platform serving enterprises and creators globally. You'll evaluate and deploy static/dynamic analysis tools, establish secure development guidelines tailored to the team's workflow, and conduct code reviews focused on vulnerability prevention rather than post-launch remediation. Your responsibilities include threat modeling for new features, collaborating with infrastructure and DevOps teams to harden deployment pipelines, mentoring developers on secure coding patterns, and maintaining documentation that makes security practices accessible to non-security engineers. You'll also drive security toolchain improvements—identifying gaps in current scanning capabilities, testing emerging technologies, and building automation that catches issues during development rather than in production. This is a hands-on role requiring both technical depth in application vulnerabilities and the communication skills to influence engineering culture.