Application Security Engineer / SecOps $6000-7500 Offline

Our project is https://acretrader.com/, AcreTrader launched in 2018 and has established itself as a leader in the farmland investment industry. We have it running on the Google Cloud Platform.

IN THIS ROLE YOU WILL:

● Implement and configure SecOps Pipelines

● Analyze system services, spotting issues in code and discovering security exposures.

● Develop mitigation plans and design technical solutions to address security weaknesses.

● Design and implement SDLC practices including code reviews, static/dynamic code analysis, and vulnerability assessments.

● Participate in and support application security reviews, including code reviews, third-party integration reviews, and dynamic testing.

● Perform security testing on our internal and external applications—including performing security code reviews, vulnerability assessments, and exploit development, as well as documenting the outcomes of the research.

● Integrate SAST/DAST in CI/CD and operational pipelines.

● Create and manage tools (e.g., web security scanners) to help test and monitor product security.

TECHNICAL REQUIREMENTS

- 3 or more years of relevant experience in e-commerce, SaaS or similar.

- Technical experience in JavaScript/TypeScript and Go or Python.

- Technical expertise in secure software development, modern DevOps practices and tools.

- Strong knowledge of secure design practices and common software vulnerabilities such as OWASP Top 10

- Knowledge of common and emerging security threats.

An ideal candidate would be someone who

● Is open-minded and actively asks questions, listens, and adjusts your points of view accordingly and respects other people’s opinions.

● Is able to communicate effectively with different stakeholders.

● Is able to stay focused on the tasks, prioritize them, and control your time effectively.

● Is able to work closely with other teams and independently.

● Has prior experience in continuous security cycle implementation for web applications.

● Has experience with malware analysis; reverse engineering is also a plus.

● Has experience with GCP

НАШ СТЕК

- Микросервисная архетиктура на Go + немного на Python

- GCP

Процесс собеседования в 2 этапа:

- ознакомительное интервью 30 мин

- техническое интервью с тестовым заданием 60 мин

- если подходим друг другу - офер

Мы предлагаем:

- Гибкий график

- Небольшая и дружеская команда

- Заработная плата каждые 2 недели в USD, либо USDT

- Занятия английским с преподавателем

- Тимбилдинги в разных странах