In this role, you will have access to multiple well-known and famous websites. Your job will be to actively monitor and maintain security of those applications. This position will enable you to master the intricacies of application security and secure software engineering.
What You'll Be Doing
- Through close collaboration with product and engineering teams, ensure the adoption Secure Software Development Lifecycle (SSDLC) best practices.
- Improve the automation of vulnerability management and security scanning in continuous integration and delivery (CI/CD) environments.
- Validate internal, external and crowd-sourced application security findings and articulate them to engineering teams.
- Help maintain custom tooling and documentation used by the application security team.
Must Haves
What you'll need to be successful:
- Be an enthusiastic learner and curiosity seeker!
- Ability to work in a fast-paced environment and embrace change.
- Be able to think both offensively (like a hacker) and defensively in order to design secure solutions.
- Read and write multiple programming languages. PHP, JavaScript, Java, C#, Go, and Python are highly valued, but others will help too.
- Microservice architecture expertise and best practices in securing APIs across multi-cloud environments.
- Hands-on experience in container-based deployments and orchestration tools (e.g., Kubernetes, Docker, GKE, Terraform).
- Effective written and oral communication with multiple levels of leadership involving both the business and technical side.
Nice To Haves
- A pen-test certification such as Offensive Security Certified Professional (OSCP), OSWE, GPEN, GMOB, GWAPT, etc. or willing to work towards obtaining one.
- Experience with security compliance standards, such as PCI-DSS.
As an equal opportunity employer, we celebrate diversity and are committed to creating an inclusive environment for all employees
In this role you may be exposed to adult content