2-3 Application Security Engineers (only for Ukraine candidates) (offline)
The Application Security Engineer is a vital role that helps assure critical applications and securely enables business functions. We’re looking for a person who is just as passionate about uncovering a security vulnerability as you are about educating developers on how to fix it. Your focus will be on helping to build and maintain an Application Security program that can be used as the benchmark for our industry.
Requirements:
- familiarity with OWASP top 10 vulnerabilities, mitigations, and their impact on application architecture;
- 1-2 years working as a developer and 1-2 years specifically in application security;
- working knowledge of code versioning tools like Git and continuous delivery tools like Jenkins and Maven;
- must be well organized, thrive in a sense-of-urgency environment, leverage best practices, and most importantly, innovate through any problem with a can-do attitude;
- must have an understanding of various systems technologies, architecture fundamentals, next-generation technology, and very strong security understanding;
- proven communication skills, the ability to present information clearly and concisely to all levels of management both formally and informally;
Preferred Qualifications:
- a history of uncovering, exploiting, and remediating application and system security flaws;
- a deep understanding of coding and scripting languages such as Java and Python and the ability to easily switch between a variety of languages quickly;
- knowledge of and experience with manipulating protocols and libraries in order to compromise the security of a set of systems or code;
- experience with application security testing including SAST, DAST, and SCA;
- previous experience working on a large codebase;
- experience maintaining an enterprise bug bounty program;
- experience working cross-functionally with multiple teams to achieve goals;
- understand information security concepts, protocols, and industry best practices;
Additional Qualifications:
- hands-on experience in MicroServices architecture and security control in such an environment;
- familiarity with different styles of source control and CI/CD pipeline;
- experience with database technologies such as Oracle, Mongo, MySQL, MSSQL, Hadoop, and NoSQL;
- proven risk assessment and mitigation skill;
Duties:
- demonstrate and promote Secure Software Development Life Cycle;
- work with security researchers and developers to resolve security issues in our stack;
- evaluate and classify findings from SAST, DAST, SCA, and externally reported sources;
- evaluate and classify findings from our bug bounty program;
- perform security testing on internally developed applications and clearly document findings and recommendations;
- develop and implement security fixes and assist development teams in the same;
- assist in the development of secure code libraries;
- act as technical liaison between Information Security and application development teams;
- support integration and automation within security, monitoring, reporting, and ticketing platforms;
Requirements:
- familiarity with OWASP top 10 vulnerabilities, mitigations, and their impact on application architecture;
- 1-2 years working as a developer and 1-2 years specifically in application security;
- working knowledge of code versioning tools like Git and continuous delivery tools like Jenkins and Maven;
- must be well organized, thrive in a sense-of-urgency environment, leverage best practices, and most importantly, innovate through any problem with a can-do attitude;
- must have an understanding of various systems technologies, architecture fundamentals, next-generation technology, and very strong security understanding;
- proven communication skills, the ability to present information clearly and concisely to all levels of management both formally and informally;
Preferred Qualifications:
- a history of uncovering, exploiting, and remediating application and system security flaws;
- a deep understanding of coding and scripting languages such as Java and Python and the ability to easily switch between a variety of languages quickly;
- knowledge of and experience with manipulating protocols and libraries in order to compromise the security of a set of systems or code;
- experience with application security testing including SAST, DAST, and SCA;
- previous experience working on a large codebase;
- experience maintaining an enterprise bug bounty program;
- experience working cross-functionally with multiple teams to achieve goals;
- understand information security concepts, protocols, and industry best practices;
Additional Qualifications:
- hands-on experience in MicroServices architecture and security control in such an environment;
- familiarity with different styles of source control and CI/CD pipeline;
- experience with database technologies such as Oracle, Mongo, MySQL, MSSQL, Hadoop, and NoSQL;
- proven risk assessment and mitigation skill;
Duties:
- demonstrate and promote Secure Software Development Life Cycle;
- work with security researchers and developers to resolve security issues in our stack;
- evaluate and classify findings from SAST, DAST, SCA, and externally reported sources;
- evaluate and classify findings from our bug bounty program;
- perform security testing on internally developed applications and clearly document findings and recommendations;
- develop and implement security fixes and assist development teams in the same;
- assist in the development of secure code libraries;
- act as technical liaison between Information Security and application development teams;
- support integration and automation within security, monitoring, reporting, and ticketing platforms;
About Telesens
Telesens is a global provider of enterprise level software products and solutions for telecom and other business domains. We have been operating since 1998 and serving customers in more than twenty countries worldwide. The headquarters of the company is situated in London with the development center in Ukraine.Telesens has its own telecom BSS/OSS/VAS suite with exclusive intellectual property rights to every own product.
To support the growth of our customers’ businesses and their reliable operation, we offer a wide range of services:
Tailoring and implementation of own software products at telecom operators
Assembling turn-key solutions on platforms of leading telecom software vendors
Custom software development
Over 600 projects were successfully implemented for our clients all over the world.
Telesens is a certified partner of Oracle and Microsoft corporations and we work in close partnerships with world’s leading telecom solutions vendors like NOKIA (Finland), SIEMENS (Germany), Comptel (Finland), DigitalRoute (Sweden).
High corporate culture and ISO 9001:2015 certified business processes allow us to satisfy the most demanding customers with the excellent quality of solutions and support services. More than 100 highly qualified technical specialists are working for the company with the potential for rapid corporate growth due to own educational center and close cooperation with leading technical universities of Ukraine.
Company website:
http://telesens.ua/
DOU company page:
https://jobs.dou.ua/companies/telesens/
The job ad is no longer active
Job unpublished on
30 June 2021
Look at the current jobs SQL / DBA Remote→
Average salary range of similar jobs in
analytics →
Similar jobs
Інженер-програміст баз даних (SQL) at Vitmark
Ukraine
Ukraine
DBA Middle (NoSQL) at monobank
Ukraine
All jobs SQL remote All jobs QArea