Bizzabo is a software platform for virtual, in-person, and hybrid events. Our platform empowers every organizer, marketer, exhibitor, and attendee to unleash the power of professional events.
20 июля 2021

Application Security Engineer (вакансия неактивна)

Киев

Bizzabo is a software platform for virtual, in-person, and hybrid events. Our platform empowers every organizer, marketer, exhibitor, and attendee to unleash the power of professional events.

Bizzabo is looking for an Application Security Engineer with penetration testing experience to join our fantastic security team, managing bug bounty program and collaborating with all teams at R&D.

We are passionate and curious about new technologies. Our server architecture is microservices-based, running on a Kubernetes cluster, written in Java and Kotlin, using MySQL, Elasticsearch, BigQuery, and Kafka as data sources, and we are using BI tools for advanced analytics.

Bizzabo also powers events for brands like IBM, Bloomberg, Datarobot, Forbes, Uber, Electronic Arts, Siemens, Bank of Ireland, and The Wall Street Journal. The company was founded by Boaz Katz, Alon Alroy, and Eran Ben-Shushan, and has more than 260 employees in its New York, Tel-Aviv, and Kyiv offices.

WHAT YOU’LL BE DOING

  • Perform security analysis and identifying possible vulnerabilities
  • Help with vulnerabilities mitigation
  • Perform pentests on different applications (web, mobile)
  • Perform threat modelling sessions (STRIDE)
  • Review findings from the bug bounty program

WHAT YOU HAVE

  • 2-3 years of experience in Information Security
  • Strong expertise in performing security analysis and identifying possible vulnerabilities
  • Experience with application security tools like BurpSuite, OWASP ZAP, Metasploit, etc.
  • Knowledge of programming languages (Java, Kotlin, Python, Go)
  • Strong technical and programming background, software design, and architecture expertise
  • BSC degree in Computer Science, a related field or equivalent experience
  • High level of English — both written and verbal

WHAT WOULD BE A BONUS

  • Experience with managing bug bounty program
  • Experience with mobile penetration tests
  • Experience with AWS
  • Experience with writing own automation tools