RESPONSIBILITIES:
- Conduct product and application security design reviews, pentests, and assessments
- Establish processes classifying risks and associated controls in application or design changes before public release
- Build, prototype, implement, and automate vulnerability discovery and reporting tools
- Validate, risk rank, document, and prioritize remediation for external vulnerability reports and 3rd party security assessments
- Encourage and train developers in secure coding practices
- Continuously improve Application Security Program and actively take part influencing its roadmap
- Participate in Red Team/ Blue Team exercises
QUALIFICATIONS:
- 4+ years in an information security role
- Knowledge of web application and code vulnerabilities (e.g. OWASP Top 10)
- Proficiency in scripting in one or more coding languages (Go, Python, Ruby, Java)
- Ability and desire to operate in a fast paced, hyper growth environment
- Capable of practically applying and combining security vulnerabilities, simulating real attacks to help communicate risk to business
- Comfortable operating in a containerized environment and navigating in both Windows and Linux systems