We are building our Security Team (now it’s 4 people) and looking for Application Security Engineer.
A Few Words About Us:
airSlate is a global IT company founded in Boston, USA, back in 2008. Today, the company develops products aimed at business process automation and digital workflow management. airSlate brand portfolio consists of four services:
- airSlate — no-code automation for business processes;
- pdfFiller — online PDF editor;
- SignNow — eSignature tool;
- USLegal — the US largest online library of legal forms and templates.
Over 40 mln people are currently using the Company’s services. And of those, 500k are regular business customers. Over 900 airSlate’s employees are working in the offices located in the US, Ukraine, Russia, and the Philippines. The Head office is in Boston, MA.
First of all, that’s our products.
These are fast-growing, socially beneficial applications that are used by tens of millions of customers around the world.
Second, it’s our company culture.
We are looking for open-minded people who never stop in their self-development, who never refuse to help and who are offering new ideas for our products and workflow development.
Third, it’s our benefits.
- The members of our team get monthly bonuses and options contracts (each of us has a share in airSlate, so that company’s growth translates into capitalization of one’s interest);
- We’ve organized PHP, JS, QA Automation and DevOps schools where the trainers are our employees. Anyone may try their hand at one of the schools and attend the course;
- We have a personal training budget for all employees. This budget can be used for career courses and conferences that can help with professional growth;
- Language classes;
- Regular sports activities with our professional coaches: yoga, stretching (3 times a week) and TRX;
- Medical insurance;
- In-house massage therapist;
- All financial information about the company’s growth is open to every employee of airSlate. Every 2 weeks the team members receive a full financial report from the company’s CEO during the Q&A meeting.
What We Expect From You:
- 2+ years of experience testing applications at the network level using intercepting proxies and other network analysis tools;
- Experience with penetration testing, threat modeling, open-source, and commercial security tools;
- Strong knowledge familiarity with application security concepts/standards (OWASP docs);
- Scripting experience (python/go) for purposes to automate/script daily tasks / Some experience in a scripting/coding language, such as Java, JS, Python, Shell, etc.;
- Understanding the OWASP Software Assurance Maturity Model (OSAMM).
As a plus:
- Web, mobile, network security testing;
- Working with security champions;
- Design, build, and review security-related services and functionality of web applications, mobile applications, and desktop applications;
- Provide guidance on secure software development at all stages of the SDLC, including architecture and design reviews prior to the start of development;
- Evaluate and maintain IAST, SAST, DAST and etc tools for automated scanning;
- Assist the other members of the security team during testing and purple team exercises.