We're looking for an Application Security Researcher to join us. In this critical role, you will assist us in validating our services and environments according to the highest security standards. Also, You will work closely with our R&D and Product teams, and solve complex security problems.
Responsibilities:
Continuously checking and improving security measures to protect our systems.
Reviewing system architecture, design, and code to find and fix security weaknesses before they become a problem.
Helping developers follow secure coding practices and learn how to prevent security risks.
Staying updated on new security threats and best practices to keep our security standards high.
Contributing to our companys security research blog.
Responsibilities:
Continuously checking and improving security measures to protect our systems.
Reviewing system architecture, design, and code to find and fix security weaknesses before they become a problem.
Helping developers follow secure coding practices and learn how to prevent security risks.
Staying updated on new security threats and best practices to keep our security standards high.
Contributing to our companys security research blog.
Requirements:
At least 3 years of experience in application security or vulnerability research.
Hands-on experience in penetration testing for web, mobile, infrastructure, and thick client applications.
Experience bypassing security tools like RBI, EDR, and DLP.
Programming skills, with a preference for Java, Go, or C.
Ability to find and fix security flaws in open-source libraries and third-party software.
Knowledge of supply chain attacks and how to prevent them.
Hands-on experience with AWS cloud attacks and mitigations (preferred).
Understanding of microservices architectures, Docker, and Kubernetes.
Strong problem-solving skills and the ability to work independently.
Good communication skills and a passion for sharing knowledge.
Understanding of network security and encryption protocols.
Additional Skills (Preferred):
Experience using SAST/DAST tools for static and dynamic code analysis.
Experience working in Agile teams and collaborating with different departments.
Security certifications like OSCP, CRTP, OSWE, or similar.
Ability to lead security projects and initiatives.
Adaptability to a fast-paced environment.
Knowledge of current security threats and how to defend against them.
Experience with writing security blogs, CVE research, or bug bounty programs is a plus.
BSc in Computer Science- an advantage.
At least 3 years of experience in application security or vulnerability research.
Hands-on experience in penetration testing for web, mobile, infrastructure, and thick client applications.
Experience bypassing security tools like RBI, EDR, and DLP.
Programming skills, with a preference for Java, Go, or C.
Ability to find and fix security flaws in open-source libraries and third-party software.
Knowledge of supply chain attacks and how to prevent them.
Hands-on experience with AWS cloud attacks and mitigations (preferred).
Understanding of microservices architectures, Docker, and Kubernetes.
Strong problem-solving skills and the ability to work independently.
Good communication skills and a passion for sharing knowledge.
Understanding of network security and encryption protocols.
Additional Skills (Preferred):
Experience using SAST/DAST tools for static and dynamic code analysis.
Experience working in Agile teams and collaborating with different departments.
Security certifications like OSCP, CRTP, OSWE, or similar.
Ability to lead security projects and initiatives.
Adaptability to a fast-paced environment.
Knowledge of current security threats and how to defend against them.
Experience with writing security blogs, CVE research, or bug bounty programs is a plus.
BSc in Computer Science- an advantage.
This position is open to all candidates.
