Snapp is the pioneer provider of ride-hailing mobile solutions in Iran that connects smartphone owners in need of a ride to Snapp drivers who use their private cars to offer transportation services. We are ambitious, passionate, engaged, and excited about pushing the boundaries of the transportation industry to new frontiers and being the first choice of each user in Iran.
Responsibilities:
Consult with developer teams on secure coding practices
Triage and validate security vulnerabilities found or reported, and serve as a Subject Matter Expert in AppSec to the developer team in identifying mitigation solutions
Create threat models of new applications and features to systematically understand how they can be attacked in order to prioritize control development
Partner with Developer, DevOps, and Product teams to build and deliver secure products
Perform penetration testing
Integrate SAST/DAST into CI/CD pipeline
Make suggestions for security improvements
Stay updated with cloud-native security trends. Keep abreast of the latest security threats, vulnerabilities, and best practices in cloud-native environments. Research emerging security technologies and tools specific to cloud-native architectures and provide recommendations for their implementation.
Perform ongoing application security testing and code review to improve software security
Technical Skills:
In-depth experience in Web and API penetration testing
Experience with multiple languages such as Go, Java, PHP, etc., and an understanding of how to detect and remedy related security issues such as the OWASP Top 10.
Knowledge of common web application security vulnerabilities (e.g., OWASP Top 10) and corresponding mitigation techniques.
In-depth knowledge of cloud-native security principles, best practices, and technologies
Ability to discover business logic vulnerabilities
Coding proficiency in one or more languages such as Python, Go, PHP, or Bash
In-depth knowledge of security tools, including Kali and Burp Suite
Hands-on experience implementing and tuning SAST/DAST in CI/CD
Understanding of DevOps and CI/CD environments, familiarity with Docker/OKD
General Skills:
Excellent written and verbal communication skills in English.
Effective collaboration and team integration.
Strong problem-solving abilities through imaginative and creative thinking.
Maintain an insatiable curiosity and an aggressive outsider mindset.
Teamwork (Essential)
Attention to detail (Essential)
Job-focused Learning (Essential)
Accountability (Essential)
Technical Expertise (Essential)
Result Oriented (Essential)
Company Introduction
Snapp is an Iranian product that draws its strength from a creative, young, and educated team, and it strives to connect the information and communication technology industry to the everyday life of society.
We have big goals in mind and we are ambitious. We intend to make Snapp the best solution for intra-city travel in Iran, and along the way we need the help of creative, hardworking, and ambitious people. If you have these qualities, we would be glad to receive your résumé.