Perform penetration testing, develop tools to automate it and enable more efficient discovery and resolution of security problems.
Supporting the incident response whenever application security expertise is required.
Respond to web security incidents and help evolve online security operations/procedures.
Identify security gaps and collaborate with product teams on improved hardening opportunities.
Perform architecture reviews to steer projects in the right direction early, participate in security code reviews, and perform penetration testing against products prior to shipping.
Develop secure coding practices and train engineering teams.
Periodically reviewing existing security policies, network topologies, and configurations to identify any opportunities to improve the network's overall security posture.
Qualifications
You Have:
4+ years of demonstrated experience in Cyber Security.
Experience working with incident response.
Experience in implementing and operating modern SDLC stack tooling (SAST/SCA/DAST/IAST).
Programming skills in at least one is a must: Python, Go, Java, etc.
Knowledge in cloud environments (GCP/AWS).
Additional Information
Good to Have:
Production experience in implementing Security practices and Zero Trust.
Strong understanding of web application architecture and design principles.
Background in software engineering in a collaborative and dynamic environment.
OSCP certification.
User obsession and empathy.
Focus on impact and results. You work on the right things and get them done.
Drive and resourcefulness to persevere and overcome obstacles achieving challenging goals.
High integrity and ability to positively collaborate with others.
Ability to speak and write succinctly and clearly in English.