Сучасна диджитал-освіта для дітей — безоплатне заняття в GoITeens ×
QArea is a full-cycle software development company founded in 2001. Over the 22+ years in the outsourcing market, we’ve matured our business processes, project management approaches, and tech expertise to ensure the highest quality of services.
14 червня 2021

2-3 Application Security Engineers (вакансія неактивна)

віддалено

Необхідні навички

— familiarity with OWASP top 10 vulnerabilities, mitigations, and their impact on application architecture;
— 1-2 years working as a developer and 1-2 years specifically in application security;
— working knowledge of code versioning tools like Git and continuous delivery tools like Jenkins and Maven;
— must be well organized, thrive in a sense-of-urgency environment, leverage best practices, and most importantly, innovate through any problem with a can-do attitude;
— must have an understanding of various systems technologies, architecture fundamentals, next-generation technology, and very strong security understanding;
— proven communication skills, the ability to present information clearly and concisely to all levels of management both formally and informally;

Preferred Qualifications:
— a history of uncovering, exploiting, and remediating application and system security flaws;
— a deep understanding of coding and scripting languages such as Java and Python and the ability to easily switch between a variety of languages quickly;
— knowledge of and experience with manipulating protocols and libraries in order to compromise the security of a set of systems or code;
— experience with application security testing including SAST, DAST, and SCA;
— previous experience working on a large codebase;
— experience maintaining an enterprise bug bounty program;
— experience working cross-functionally with multiple teams to achieve goals;
— understand information security concepts, protocols, and industry best practices;

Буде плюсом

— hands-on experience in MicroServices architecture and security control in such an environment;
— familiarity with different styles of source control and CI/CD pipeline;
— experience with database technologies such as Oracle, Mongo, MySQL, MSSQL, Hadoop, and NoSQL;
— proven risk assessment and mitigation skill;

Пропонуємо

— Dynamic career;
Utilize your skills and grab opportunities to build a successful career doing what you love.
— Personal growth;
Pursue your individual goals with a team that supports your desire for self-refinement.
— Learning & mentorship;
Improve your skills by working closely with experienced professionals on diverse projects. Receive help from senior colleagues and mentor’s support during the adaptation period.
— Latest technologies;
Face new challenges and implement your ideas using innovative practices and technologies.
— People-first culture;
We care about our employees and commit ourselves to providing transparent communication and real feedback opportunities.
— Personal development;
We support your personal growth by covering the expenses of language courses, professional certifications, conferences, and more. In addition, we propose an individual development program.
— Challenging projects;
We make sure that every new project presents you with an opportunity to develop your skills and get value out of experiences.
— Focus on long-term careers;
We care about your career aspirations and do our best to provide you with the experience and opportunities you expect.
— Creation of products that matter and bring value
Be a part of projects that change the world.
— Work-Life balance;
We have a comfortable and friendly environment. In addition, we have flexible hours and work from home.

Обов’язки

— demonstrate and promote Secure Software Development Life Cycle;
— work with security researchers and developers to resolve security issues in our stack;
— evaluate and classify findings from SAST, DAST, SCA, and externally reported sources;
— evaluate and classify findings from our bug bounty program;
— perform security testing on internally developed applications and clearly document findings and recommendations;
— develop and implement security fixes and assist development teams in the same;
— assist in the development of secure code libraries;
— act as technical liaison between Information Security and application development teams;
— support integration and automation within security, monitoring, reporting, and ticketing platforms;

Про проєкт

In this position, you will be an integral part of a developing and expanding Application Security program.

The Application Security Engineer is a vital role that helps assure critical applications and securely enables business functions. We’re looking for a person who is passionate about uncovering a security vulnerability and educating developers on how to fix it. The main focus will be on helping to build and maintain an Application Security program that can be used as the benchmark for our industry. You will be working in a friendly and comfortable environment, performing your best. Together we will develop a high-performing solution.

Waiting for a sign? Here it is!
Apply! :)

Гарячі вакансії

Всі вакансії