— familiarity with OWASP top 10 vulnerabilities, mitigations, and their impact on application architecture;
—
— working knowledge of code versioning tools like Git and continuous delivery tools like Jenkins and Maven;
— must be well organized, thrive in a sense-of-urgency environment, leverage best practices, and most importantly, innovate through any problem with a can-do attitude;
— must have an understanding of various systems technologies, architecture fundamentals, next-generation technology, and very strong security understanding;
— proven communication skills, the ability to present information clearly and concisely to all levels of management both formally and informally;
Preferred Qualifications:
— a history of uncovering, exploiting, and remediating application and system security flaws;
— a deep understanding of coding and scripting languages such as Java and Python and the ability to easily switch between a variety of languages quickly;
— knowledge of and experience with manipulating protocols and libraries in order to compromise the security of a set of systems or code;
— experience with application security testing including SAST, DAST, and SCA;
— previous experience working on a large codebase;
— experience maintaining an enterprise bug bounty program;
— experience working cross-functionally with multiple teams to achieve goals;
— understand information security concepts, protocols, and industry best practices;
— hands-on experience in MicroServices architecture and security control in such an environment;
— familiarity with different styles of source control and CI/CD pipeline;
— experience with database technologies such as Oracle, Mongo, MySQL, MSSQL, Hadoop, and NoSQL;
— proven risk assessment and mitigation skill;
— Dynamic career;
Utilize your skills and grab opportunities to build a successful career doing what you love.
— Personal growth;
Pursue your individual goals with a team that supports your desire for self-refinement.
— Learning & mentorship;
Improve your skills by working closely with experienced professionals on diverse projects. Receive help from senior colleagues and mentor’s support during the adaptation period.
— Latest technologies;
Face new challenges and implement your ideas using innovative practices and technologies.
— People-first culture;
We care about our employees and commit ourselves to providing transparent communication and real feedback opportunities.
— Personal development;
We support your personal growth by covering the expenses of language courses, professional certifications, conferences, and more. In addition, we propose an individual development program.
— Challenging projects;
We make sure that every new project presents you with an opportunity to develop your skills and get value out of experiences.
— Focus on long-term careers;
We care about your career aspirations and do our best to provide you with the experience and opportunities you expect.
— Creation of products that matter and bring value
Be a part of projects that change the world.
— Work-Life balance;
We have a comfortable and friendly environment. In addition, we have flexible hours and work from home.
— demonstrate and promote Secure Software Development Life Cycle;
— work with security researchers and developers to resolve security issues in our stack;
— evaluate and classify findings from SAST, DAST, SCA, and externally reported sources;
— evaluate and classify findings from our bug bounty program;
— perform security testing on internally developed applications and clearly document findings and recommendations;
— develop and implement security fixes and assist development teams in the same;
— assist in the development of secure code libraries;
— act as technical liaison between Information Security and application development teams;
— support integration and automation within security, monitoring, reporting, and ticketing platforms;
In this position, you will be an integral part of a developing and expanding Application Security program.
The Application Security Engineer is a vital role that helps assure critical applications and securely enables business functions. We’re looking for a person who is passionate about uncovering a security vulnerability and educating developers on how to fix it. The main focus will be on helping to build and maintain an Application Security program that can be used as the benchmark for our industry. You will be working in a friendly and comfortable environment, performing your best. Together we will develop a high-performing solution.
Waiting for a sign? Here it is!
Apply! :)