BigCommerce is the world’s leading cloud e-commerce platform for established and rapidly-growing businesses. Combining enterprise functionality, an open architecture and app ecosystem, and market-leading performance, BigCommerce enables businesses to grow online sales with 80% less cost, time and complexity than on-premise software.
18 сентября 2021

Application Security Engineer


Project description:

BigCommerce is disrupting the e-commerce industry as the SaaS leader for fast- growing, mid-market businesses. We enable our customers to build intuitive and engaging stores to support every stage of their growth. BigCommerce is seriously growing its information security team, get in whilst the Security team is still small and you’ll have the ability to influence the culture and direction moving forward. As the BigCommerce e-commerce SaaS platform handles information at a large scale, we need to anticipate and protect against attackers targeting BigCommerce or our customer. Our engineers are called on to wear many hats, you’ll be very well rounded, with experience as a software developer, penetration tester, and able to work independently to provide technical expertise to other software developers. We are looking for the Applications Security Engineer who wants to make an impact to every level of society through powering innovators, creative thinkers, entrepreneurs and business owners around the world to be successful at each stage of their business.

What you’ll do:

● Respond to information security incidents, providing technical expertise.
● Provide security guidance and experience to BigCommerce engineering teams.
● Review project technical designs and stay involved through their implementation to assist BigCommerce engineering staff with the finer points of application security.
● Help build internal security tooling, to help us be proactive in the battle.
● Utilise data to help generate insights into threats, and build solutions.
● Follow best practice around information security standards.
● Regular and ongoing pen testing of BigCommerce’s changing environment.
● Evangelize security within BigCommerce and be an advocate for BigCommerce customers.
● Protect BigCommerce Merchants, Shoppers and the company.

Who you are:

● Bachelor’s degree in CS, EE or MIS; or equivalent experience.
● Good understanding of how web works, Web Application Security concepts, threats, exploits and prevention.
● Skills to Test, Triage, review and provide recommendations to vulnerabilities.
● 2 plus years of experience in application security-related fields (code reviews, application penetration testing, security engineering).
● Passionate about security and willingness to learn, unlearn and relearn if needed.
● Knowledge on development and integration tools and technologies (e.g. CI/CD).
● Basic development experience in PHP, Ruby, Java, or similar relatable technology skill-set preferred.
● The ability to explain security issues to developers, engineers and product.
● Strong communicator with a bias towards honesty and transparency.
● Experience in Bug bounties, speaking at conferences, blogging etc is highly desirable.
● Advanced English.

We offer:

● Enjoy an amazing business culture while working with one of the most exciting global e-commerce companies.
● Work directly with our customers and partners.
● Benefit from collaborating with a fast-growing team of professionals in a global environment.
● Competitive financial package.
● Control your own schedule.
● Personal time off.
● Interactive events and activities for all engaged in the project.