Senior Security Engineer - Red Team (Remote)

A Senior Security Engineer Red Team in Insider day in and day out:

• performs web, mobile application, and internal penetration test, source code reviews, threat analysis, social-engineering assessments,
• supports blue teams when needed
• researches new attack vectors and stay current with cybersecurity news and trends,
• trains Quality Assurance and Development teams in standard security testing techniques and secure software development.

We want you to join us while we are taking a step into the future if you:

• have 4+ years of working experience in web application security,
• have hands-on experience in security testing of Web applications, Web service, Mobile applications, APIs, etc.
• have experience securing REST APIs and web services,
• have experience using and implementing SAST / DAST tools such as Fortify, Veracode, Checkmarx, or other similar tools,
• know conducting penetration tests of information systems using commercial and open-source exploitation tools,
• have a good understanding of standard security vulnerabilities and common remediation as published by OWASP, SANS, etc.
• have experience working with secure coding methodology and best practices and their implementation within engineering teams,
• will support developers of our business units in their SDLC and provide guidance regarding mitigations to emerging threats,
• will review application source code based on static application security testing tools,
• will be engaging in security research to remain current on vulnerabilities and testing tools,
• will be creating detailed, professional documentation/reports that clearly communicate vulnerabilities, mitigation strategies, and remediation steps,
• have the ability to work on multiple projects concurrently and be committed to providing exemplary customer service,
• have strong written and verbal communication skills in English,
• have Python, Javascript, PHP programming experience as a plus,
• have knowledge in scripting (any language) and experience in automation scripts for application security testing as a plus,
• have familiarity with cloud security, particularly AWS Security concepts as a plus,
• have certifications of eWAPTx, OSCP, OSWE, etc. as a plus,
• are able to work in a team-centric environment,
• have strong critical thinking and analytical skills,
• have experience in executing white, gray, or black box security posture assessments and complete detailed reports that outline the findings and recommendations,
• have strong presentation, written, and oral communication skills.

While exporting our technology to the world, we offer you:

• “Tech Talks” with famous and groundbreaking people from the software world, “Dev Talks” where our Software Developers talk about their career steps, and many events where groundbreaking ideas are discussed,
• Hackathons we organize inside that push the boundaries, programming challenges, and coding competitions,
• Free access to exclusive services such as Laracast, Egghead, LinkedIn Learning, Blinkist, Masterclass, and Spotify
• Shareowner System that we offer to all Insiders who meet certain criteria
• Inclusive Private Health Insurance
• Multinet to cover food expenses covered on a monthly basis
• Team Activities that are bursting with fun,
• No Dress code! This is a fast and innovative startup, you can wear whatever you want.