Application Security Engineer - Madrid, España - Acronis

Acronis

Empresa verificada

Madrid, España

hace 1 semana

Publicado por:

Isabel García

beBee Recruiter

Descripción

Acronis is a world leader in cyber protection—empowering people by providing them with cutting-edge technology that enables them to monitor, control, and protect the data that their businesses and lives depend on.

We are in an exciting phase of rapid-growth and expansion and looking for someone who is ready to join us in creating a #CyberFit future and protecting the digital world

WHAT YOU'LL DO

Threat modeling: Think about how attackers can compromise a system and what protections are needed against them
Secure Software Development Lifecycle: Help developers write secure code that minimizes vulnerabilities by implementing secure coding standards, techniques, and best practices
Conduct security assessments for software components developed in the company
Validate external security reports and bug bounty submissions
Take part in the SLDC process development and implementation
Your typical day will look like:
A call or two with Development, Product Management teams to discuss security-related issues
Penetration test of new features
Work with the Infrastructure Security and Security Compliance teams on projects like security hardening of existed

components.

Helping other security teams with expertise, knowledge, and advice

WHAT YOU BRING (EXPERIENCE & QUALIFICATIONS)

2+ years experience in Application Security
Strong knowledge of the modern web/ mobile/ network security
Understanding of security models of Web/REST API, cloud, mobile and desktop apps
Hands on experience with security assessment tools and attack techniques. You should be able to go well beyond inserting a quote in URLs
Code assessments in programming languages Go, Python, JavaScript. Basic programming skills with Go, Python or another language will come handy
Published security research, open source tools, blog posts, proven history of bug bounty programs participation considered a strong advantage
Readiness to answer in an interview the following questions:
What is the Same Origin Policy? Share your knowledge about Cross-site scripting contexts
Describe any attack like SQL injection, XXE, SSRF, or any other. Suggest right fixes and possible bypasses

- (Windows Security) Your opinion about LPE from Admin to the System user

How to count possible compromised accounts?
To write a simple exploit or a few lines of code that allows checking some kind of attacking vector
We also would like to know what is your favourite security field and where do you want to know more
At least Upperintermediate level of English

WHO WE ARE:

Founded in Singapore in 2003 and incorporated in Switzerland in 2008, Acronis now has more than 2,000 employees and offices in 34 locations worldwide.

Its solutions are trusted by more than 5.5 million home users and 500,000 companies, and top-tier professional sports teams. Acronis products are available through over 50,000 partners and service providers in over 150 countries and 26 languages.

LI-WC1