Application Security Engineer

Roles & Resposibilities

• Threat modeling: Think about how attackers can compromise a system and what protections are needed against them
• Secure Software Development Lifecycle: Help developers write secure code that minimizes vulnerabilities by implementing secure coding standards, techniques, and best practices. Define and approve security architecture of the developed solution.
• Security code reviews: Identify security vulnerabilities in source code before an application is deployed to production
• Vulnerability testing and analysis: Discover weaknesses once an application is deployed and advise development teams on remediation.

Qualifications

• At least 6 years of experience in Application Security.
• Strong knowledge of the modern web, mobile, and network security. Experience in penetration testing and understanding of exploitation techniques for web and mobile applications.
• At least basic programming skills with Go, Python or other languages. You don't need to be a skilled developer, but you will need to find a common language with our RnD team, so at least some understanding is necessary.
• Any public researchers, tools, disclosed tickets will be considered a strong advantage. Wrote a blog post about your research or have a CVE? Please, be sure to mention it.
• Deep understanding of modern cybercrime and complex attack techniques.
• Good knowledge and understanding of major attacks and recent security events.
•  Proven presentation skills and fluent speaking English.
• Experience in malware analysis (windows executables, exploits, scripts).
• Experience in penetration testing and understanding of exploitation techniques.