Application Security Engineer - Madrid, España - Acronis
Descripción
Acronis is a world leader in cyber protection—empowering people by providing them with cutting-edge technology that enables them to monitor, control, and protect the data that their businesses and lives depend on.
We are in an exciting phase of rapid-growth and expansion and looking for someone who is ready to join us in creating a #CyberFit future and protecting the digital worldWHAT YOU'LL DO
- Threat modeling: Think about how attackers can compromise a system and what protections are needed against them
- Secure Software Development Lifecycle: Help developers write secure code that minimizes vulnerabilities by implementing secure coding standards, techniques, and best practices
- Conduct security assessments for software components developed in the company
- Validate external security reports and bug bounty submissions
- Take part in the SLDC process development and implementation
- Your typical day will look like:
- A call or two with Development, Product Management teams to discuss security-related issues
- Penetration test of new features
- Work with the Infrastructure Security and Security Compliance teams on projects like security hardening of existed
- Helping other security teams with expertise, knowledge, and advice
WHAT YOU BRING (EXPERIENCE & QUALIFICATIONS)
- 2+ years experience in Application Security
- Strong knowledge of the modern web/ mobile/ network security
- Understanding of security models of Web/REST API, cloud, mobile and desktop apps
- Hands on experience with security assessment tools and attack techniques. You should be able to go well beyond inserting a quote in URLs
- Code assessments in programming languages Go, Python, JavaScript. Basic programming skills with Go, Python or another language will come handy
- Published security research, open source tools, blog posts, proven history of bug bounty programs participation considered a strong advantage
- Readiness to answer in an interview the following questions:
- What is the Same Origin Policy? Share your knowledge about Cross-site scripting contexts
- Describe any attack like SQL injection, XXE, SSRF, or any other. Suggest right fixes and possible bypasses
- How to count possible compromised accounts?
- To write a simple exploit or a few lines of code that allows checking some kind of attacking vector
- We also would like to know what is your favourite security field and where do you want to know more
- At least Upperintermediate level of English
WHO WE ARE:
Founded in Singapore in 2003 and incorporated in Switzerland in 2008, Acronis now has more than 2,000 employees and offices in 34 locations worldwide.
LI-WC1
Más ofertas de trabajo de Acronis
-
Partner Success Manager with German
Málaga, España - hace 1 semana
-
Technical Support Specialist with Spanish and French
Barcelona, España - hace 1 semana
-
Director Product Management
Madrid, España - hace 5 días
-
Growable Partner Success Manager with English
Barcelona, España - hace 1 semana
-
Renewals Representative
Madrid, España - hace 1 día
-
Technical Support Specialist with Spanish and French
Barcelona, España - hace 6 días