Security Engineer

REF. NO:
FC - SE

REQUIREMENTS:

  • Familiarity with common web application testing tools such as Burp Suite, Fortify, etc.
  • Knowledge of common security flaws and resolution as published by OWASP, SANS, etc.
  • Ability to learn new technologies quickly and provide appropriate security advice
  • Good understanding of web application architecture and design principles
  • Strong written and verbal communication skills and communicate with empathy when delivering constructive feedback regarding security matters to engineers and product designers
  • Should have knowledge or keen to learn how to test code and applications across various platforms for security

BONUS SKILLS:

  • Current or former security training or certifications such as SANS GWAPT, GPEN, CEH or similar is a plus
  • Experience with manual secure code review in languages such as: Java, JavaScript, Ruby
  • Background in software engineering and common development practices in a collaborative and dynamic environment
  • Experience with AWS services

RESPONSIBILITIES:

  • Performing technical security assessments on our web applications and mobile applications
  • Tracking and responding to issues detected during internal reviews or reported via our Vulnerability Assessment and Penetration Testing
  • Maintaining and creating secure development practices and programs for our engineering teams
  • Seeking out opportunities to automate processes when appropriate
  • Communicating risks effectively to engineering staff through training and technical demonstration of vulnerabilities
  • Identifying risk in code, applications, processes, and architecture