Key skills
AWSDockerJavaScriptLinuxPythonTerraformGoAmazon Web ServicesCommunicationPenetration Testing
About this role
Role Overview
- Participate in threat modeling exercises with engineering team members
- Triage SCA/SAST/DAST/CSPM findings by eliminating false positives and providing well-vetted vulnerabilities to engineering teams
- Support vulnerability management efforts for networks and infrastructure
- Partner with engineering teams ensuring timely remediation of security findings
- Perform security assessments, reviews, and internal penetration tests
- Support application security programs and security team initiatives
- Develop scripts and tools to automate repetitive security tasks, such as log analysis, patch management, and incident detection.
- Build custom solutions to integrate security tools with existing systems using languages like Python, JavaScript, or Go.
Requirements
- Education: BS (or higher) in Computer Science or related field, or equivalent work experience.
- Experience: 3+ years of experience in application security with any combination of the following: threat modeling experience, secure design reviews, code reviews, pen-testing
- Excellent communication skills and business acumen
- Proficiency in coding/scripting languages (e.g., Python, Go etc.).
- Web application penetration testing experience (CTFs, Bug Bounty, etc)
- Amazon Web Services (AWS) security and engineering knowledge and experience
- Experience with developing or testing web application technologies
- Nice to have security certifications (OSCP, OSWP, eCPPT, eWPT, Security+, etc)
- Experience with Linux, Docker, Terraform, and programming against REST APIs
Tech Stack
- AWS
- Docker
- JavaScript
- Linux
- Python
- Terraform
- Go
Benefits
- World class benefits, including health, vision and dental
- Competitive compensation
- Paid-time-off (PTO)
- Generous, equal-gender family leave
- Sabbatical after each 5 years of employment
- Frequent team events and a very strong focus on culture spanning a global team