Our Security team is looking for a highly motivated and Tech-savvy Application Security Engineer to take part in our application security efforts. In this role, you will drive security design, ensure secure coding practices, and validate our services and environments against the highest security standards.
You will work closely with our R&D and Product teams to identify, mitigate, and prevent security risks throughout the software development lifecycle (SDLC). You will own security initiatives, mentor developers on security best practices, and play a key role in shaping the security posture of our products.
In this role, you will be required to develop your skills and master both offensive and defensive methodologies in a large-scale, complex cloud environment.
The ideal candidate is highly motivated, eager to learn, and has a security by design mindset. This role provides career growth opportunities, enabling you to deepen your expertise in AppSec, DevSecOps, and cloud security.
What you'll do:
Partner with development and product teams to integrate security best practices into the SDLC
Manage our bug bounty program
Conduct security assessments, including code reviews, vulnerability scans, penetration testing, and secure product design reviews
Stay current with emerging security threats, vulnerabilities, and industry trends to ensure we remain ahead of evolving risks.
Support and contribute to security incident response activities, including root cause analysis and post-incident improvements
Automate security processes and integrate security tools within CI/CD pipelines
Develop and deliver secure coding training to engineering teams.
You will work closely with our R&D and Product teams to identify, mitigate, and prevent security risks throughout the software development lifecycle (SDLC). You will own security initiatives, mentor developers on security best practices, and play a key role in shaping the security posture of our products.
In this role, you will be required to develop your skills and master both offensive and defensive methodologies in a large-scale, complex cloud environment.
The ideal candidate is highly motivated, eager to learn, and has a security by design mindset. This role provides career growth opportunities, enabling you to deepen your expertise in AppSec, DevSecOps, and cloud security.
What you'll do:
Partner with development and product teams to integrate security best practices into the SDLC
Manage our bug bounty program
Conduct security assessments, including code reviews, vulnerability scans, penetration testing, and secure product design reviews
Stay current with emerging security threats, vulnerabilities, and industry trends to ensure we remain ahead of evolving risks.
Support and contribute to security incident response activities, including root cause analysis and post-incident improvements
Automate security processes and integrate security tools within CI/CD pipelines
Develop and deliver secure coding training to engineering teams.
Requirements:
2+ years of experience in Penetration Testing
Experience in managing bug bounty programs
Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience)
Deep Understanding and hands-on experience of web application security, including OWASP Top 10, authentication, encryption, and secure coding principles
Strong communication skills, with the ability to explain security risks and recommendations to technical and non-technical stakeholders, including executive management
Bonus Points:
Experience with cloud security best practices (AWS, GCP, or Azure)
Experience with DevSecOps and integrating security tools into CI/CD pipelines
Being introduced by a team member.
2+ years of experience in Penetration Testing
Experience in managing bug bounty programs
Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience)
Deep Understanding and hands-on experience of web application security, including OWASP Top 10, authentication, encryption, and secure coding principles
Strong communication skills, with the ability to explain security risks and recommendations to technical and non-technical stakeholders, including executive management
Bonus Points:
Experience with cloud security best practices (AWS, GCP, or Azure)
Experience with DevSecOps and integrating security tools into CI/CD pipelines
Being introduced by a team member.
This position is open to all candidates.
