Key skills
AWSDockerJavaScriptLinuxPythonTerraformGoAmazon Web ServicesCommunicationPenetration Testing
About this role
Role Overview
- Participate in threat modeling exercises with engineering team members
- Triage SCA/SAST/DAST/CSPM findings by eliminating false positives and providing well-vetted vulnerabilities to engineering teams
- Support vulnerability management efforts for networks and infrastructure
- Partner with engineering teams ensuring timely remediation of security findings
- Perform security assessments, reviews, and internal penetration tests
- Support application security programs and security team initiatives
- Develop scripts and tools to automate repetitive security tasks, such as log analysis, patch management, and incident detection.
- Build custom solutions to integrate security tools with existing systems using languages like Python, JavaScript, or Go.
Requirements
- Education: BS (or higher) in Computer Science or related field, or equivalent work experience.
- Experience: 3+ years of experience in application security with any combination of the following: threat modeling experience, secure design reviews, code reviews, pen-testing
- Excellent communication skills and business acumen
- Proficiency in coding/scripting languages (e.g., Python, Go etc.).
- Web application penetration testing experience (CTFs, Bug Bounty, etc)
- Amazon Web Services (AWS) security and engineering knowledge and experience
- Experience with developing or testing web application technologies
- Experience with Linux, Docker, Terraform, and programming against REST APIs.
Tech Stack
- AWS
- Docker
- JavaScript
- Linux
- Python
- Terraform
- Go
Benefits
- Generous paid parental leave
- Flexible time off
- Spending accounts
- Medical insurance
- Dental insurance
- Vision insurance
- Sabbatical after 5 years and more.