Application Security Engineer / SecOps (offline) $6000-7500

Our project is https://acretrader.com/, AcreTrader launched in 2018 and has established itself as a leader in the farmland investment industry. We have it running on the Google Cloud Platform.

IN THIS ROLE YOU WILL:
● Implement and configure SecOps Pipelines
● Analyze system services, spotting issues in code and discovering security exposures.
● Develop mitigation plans and design technical solutions to address security weaknesses.
● Design and implement SDLC practices including code reviews, static/dynamic code analysis, and vulnerability assessments.
● Participate in and support application security reviews, including code reviews, third-party integration reviews, and dynamic testing.
● Perform security testing on our internal and external applications—including performing security code reviews, vulnerability assessments, and exploit development, as well as documenting the outcomes of the research.
● Integrate SAST/DAST in CI/CD and operational pipelines.
● Create and manage tools (e.g., web security scanners) to help test and monitor product security.

TECHNICAL REQUIREMENTS
- 3 or more years of relevant experience in e-commerce, SaaS or similar.
- Technical experience in JavaScript/TypeScript and Go or Python.
- Technical expertise in secure software development, modern DevOps practices and tools.
- Strong knowledge of secure design practices and common software vulnerabilities such as OWASP Top 10
- Knowledge of common and emerging security threats.

An ideal candidate would be someone who
● Is open-minded and actively asks questions, listens, and adjusts your points of view accordingly and respects other people’s opinions.
● Is able to communicate effectively with different stakeholders.
● Is able to stay focused on the tasks, prioritize them, and control your time effectively.
● Is able to work closely with other teams and independently.
● Has prior experience in continuous security cycle implementation for web applications.
● Has experience with malware analysis; reverse engineering is also a plus.
● Has experience with GCP

НАШ СТЕК
- Микросервисная архетиктура на Go + немного на Python
- GCP

Процесс собеседования в 2 этапа:
- ознакомительное интервью 30 мин
- техническое интервью с тестовым заданием 60 мин
- если подходим друг другу - офер

Мы предлагаем:
- Гибкий график
- Небольшая и дружеская команда
- Заработная плата каждые 2 недели в USD, либо USDT
- Занятия английским с преподавателем
- Тимбилдинги в разных странах

About Webdevelop Pro

Webdevelop is a small UA company founded by IT engineers. Our core value is an engineering culture focused on solving real problems. Since 2018 we are a micro technology development center for a large and successful American investment platform.
Our team is passionate about human-centric experience strategy, design, and development and enjoys delivering amazing concepts and digital solutions for our clients.
Our teamwork practices are powered by Agile methodology. We have fun and enjoy hanging out with each other in a culture that supports and celebrates our diverse talents, backgrounds, and skills.

WHAT WE OFFER YOU:
- Business scope, challenges and tasks that constantly improve your professional qualifications
- The ability to build a high-quality and necessary product
- Extensive opportunities for personal growth -our teammates take the initiative and can make independent decisions
- Adequate management and a friendly team that helps you achieve results
- Paid Official Ukrainian holidays, 5 working days of vacation and 3 days of paid sick leave
- Сorporate events 2 times a year
- Paid English classes or gym;
- Flexible work schedule, ability to work remotely, from the office, or combine.

Company website:
https://webdevelop.pro

DOU company page:
https://jobs.dou.ua/companies/webdevelop-pro/