What you’ll Do:
- Ensure security and quality of a wide range services and products
- Conduct regular security assessments, code inspection, design review and penetration testing on new and existing products to proactively find potential vulnerabilities
- Security consulting of implementation and enforcement of secure design principles to compliance with policies, standards and security guideline for web and mobile application
- Provide security expertise and guidance to engineering and business teams
- Research and support to implement security tools.
- Work with software engineers to analyze security vulnerabilities and follow through with issues until resolution
What you’ll Need:
- 3 years of experience in application-level vulnerability testing, penetration testing or building software security controls
- Experience in identifying and remediating common web and mobile application vulnerabilities such as OWASP Top 10, Mobile Top 10
- Experience in use of various commercial and open source penetration testing tools
- Foundation in, and in-depth technical knowledge of software development, security engineering, computer and network security, cloud security, authentication, security protocols and applied cryptography
It’d be Great if you have:
- Understanding of modern IT infrastructure; cloud environments (AWS preferred) and Linux containers and orchestration systems (Kubernetes)
- Understanding of cryptography, web service frameworks, mobile application architectures, and service architectures
- Experience with one or more programming languages (such as Java, C++, Ruby, Python, Perl, Go ) and development framework (Spring Framework, Swift, Kotlin, React Native, ReactJS, VueJS) for the purpose of code review
- Application security certification such as CISSP, CSSLP, OSCP, CEH, GPEN