دیجی‌پی | Digipay

تاسیس در ۱۳۹۷ مالی و اعتباری ۲۰۱ تا ۵۰۰ نفر www.mydigipay.com

استخدام Application Security Engineer

دسته‌بندی شغلی

وب،‌ برنامه‌نویسی و نرم‌افزار
موقعیت مکانی

تهران ، تهران
نوع همکاری

تمام وقت
حداقل سابقه کار

کمتر از سه سال
حقوق

توافقی

شرح موقعیت شغلی

Application Security specialists work closely with development teams, product managers (PM), and third-party groups (including the paid bug bounty program) to ensure that GitLab products are secure. By leveraging diverse technologies and an automation first approach, the Security Automation team strives towards improving the efficiency, effectiveness, and accuracy within GitLab's Information Security program

Application Security Responsibilities

Perform vulnerability management and be a subject matter expert (SME) for mitigation approaches
Support and evolve the bug bounty program or internal and external pen tests
Conduct risk evaluation of GitLab product features
Conduct application security reviews, including code review and dynamic testing.
Participate in initiatives to holistically address multiple vulnerabilities found in a functional area
Collaborate with product teams to ensure that the GitLab product meets security automation requirements for ourselves and our users
Develop security training and socialize the material with internal development teams
Develop automated security testing to validate that secure coding best practices are being used
Facilitate preparation of both critical and regular security patches and releases
Guide, advise, and assist product development teams as SMEs in the area of application security
Assist with recruiting activities and administrative work

Application Security Requirements

Familiarity with common security libraries, security controls, and common security flaws that apply to Java, .Net and web applications
Some development experience (JS or Python preferred)
Experience with OWASP, static/dynamic analysis, and common exploit tools and methods
An understanding of network and web (Internet security) related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
Familiarity with cloud security controls and best practices
Solid understanding of the DevOps and experience with Docker and K8s a plus

معرفی شرکت

دیجی‌پی یک استارتاپ جوان در حوزه پرداخت الکترونیک با مجوز پرداخت‌یاری است که حاصل ادغام استارتاپ هُماپی در هلدینگ دیجی‌کالا است.
دیجی‌پی در سال ۱۳۹۷ عضوی از خانواده دیجی‌کالا شد. هدف گروه دیجی‌کالا از ورود به حوزه فینتک، ارائه سرویس‌های پرداخت الکترونیک با پایداری بالا و بهترین تجربه برای مشتری بود. به دنبال تعریف این هدف، مسیر توسعه سرویس‌های دیجی‌پی مشخص شد.
محصولات شرکت:
-(Smart IPG) درگاه پرداخت هوشمند اینترنتی
-(Refund) بازگشت وجه به مشتری
-(Payout) پرداخت وجه با کیف پول تجاری
-اپلیکیشن موبایل دیجی‌پی
-(Smart Dashboard) داشبورد هوشمند
-کیف پول خرید اقساطی