استخدام Application Security Engineer

شرح موقعیت شغلی

• Perform vulnerability management and be a subject matter expert (SME) for mitigation approaches
• Support and evolve the bug bounty program or internal and external pen tests
• Conduct risk evaluation of GitLab product features
• Conduct application security reviews, including code review and dynamic testing.
• Participate in initiatives to holistically address multiple vulnerabilities found in a functional area
• Collaborate with product teams to ensure that the GitLab product meets security automation requirements for ourselves and our users
• Develop security training and socialize the material with internal development teams
• Develop automated security testing to validate that secure coding best practices are being used
• Facilitate preparation of both critical and regular security patches and releases
• Guide, advise, and assist product development teams as SMEs in the area of application security
• Assist with recruiting activities and administrative work

• Familiarity with common security libraries, security controls, and common security flaws that apply to Java, .Net and web applications
• Some development experience (JS or Python preferred)
• Experience with OWASP, static/dynamic analysis, and common exploit tools and methods
• An understanding of network and web (Internet security) related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
• Familiarity with cloud security controls and best practices
• Solid understanding of the DevOps and experience with Docker and K8s a plus

مهارت‌های مورد نیاز

• Security
• OWASP
• Python

حداقل سابقه کار

• کمتر از سه سال

جنسیت

• مهم نیست

وضعیت نظام وظیفه

• معافیت دائم پایان خدمت

ارسال رزومه