وال ایت | Wallit s.r.o

کامپیوتر، فناوری اطلاعات و اینترنت ۱۱ تا ۵۰ نفر codetech.cc/

فرصت‌های شغلی ۲

استخدام Remote) Security Engineer)

دسته‌بندی شغلی

وب،‌ برنامه‌نویسی و نرم‌افزار
موقعیت مکانی

تهران ، تهران
نوع همکاری

تمام وقت دورکاری
حداقل سابقه کار

بیش از شش سال
حقوق

از ۵۰,۰۰۰,۰۰۰ تومان

شرح موقعیت شغلی

Security Engineer

Responsibilities:

The candidate will work with engineering and operation teams across the company to review and validate the security postures of application features before product release. This includes architecture guidance for common vulnerabilities, such as Remote Code Execution (RCE), Privilege Escalation, misconfiguration, and other OWASP top 10 vulnerabilities (SQL injection, XSS, broken access control, etc).
Perform in-depth security review of new application features and functionalities. This includes identifying security vulnerabilities (OWASP top ten, common issues in NVD, RCE, etc.), reviewing code in C#, GoLang, Rust, and/or node JS, verifying security posture through pen-test (using manual/automated techniques with tools like Kali Linux, Burp suite, Checkmarx, WebInspect).
Partner with the Software development team, SaaS Operations, and Engineering teams to evaluate, select, and implement WAF services at scale Work with Engineering teams to coordinate WAF onboarding, explaining and coordinating any architectural or configuration changes required to support WAF deployment.
Participate in technical design activities to ensure a sound design and any infrastructure impact are understood.
Review vulnerability scan output and assess where WAF configuration can be used to mitigate attacks.
Participate in technical design activities to ensure a sound design and any infrastructure impact is understood.

Requirements:

Relevant Experience or a Degree in Information Security or Computer Science is preferred; other majors will be considered.
Strong scripting skills (Shell, Python, Batch, Power Shell, etc).
Prefer experience with WAF solutions.
2+ years Experience in multiple programming languages, preferably C#, Go, Node JS, Rust and Python. (Both writing and analyzing).
Experience with web-based attacks, OWASP Top 10 web vulnerabilities, web application testing with tools like BURP Suite or Zed Attack Proxy (ZAP), and extensive knowledge of networking protocols like TCP, WebSockets, gRPC, and HTTP/2.
Experience in defining and implementing Technical controls, including preventative and detective
Strong knowledge of security best practices, compliance standards, and industry regulations
Understanding of cryptographic primitives and protocols and their implementations in the cloud environment

Nice to Haves:

Involved in Bug Bounty program (Need to provide evidence).
Participating and winning in a Capture the Flag (CTF) event or cyber challenge event is a plus. (Need provide evidence)

Benefits:

Remote.
$10 hourly Rate.
Paid in crypto.

معرفی شرکت

شرکت وال‌ایت در حوزه‌ی بلاکچین، سرویس‌های Decentralized، احراز هویت بر روی بلاکچین، درگاه پرداخت کریپتوکارنسی، صرافی کریپتوکارنسی، پلتفرم‌های Meeting و Video Streaming به صورت peer-to-peer فعالیت می‌کند.
تمرکز اصلی شرکت بر ارائه سرویس‌های غیرمتمرکز (Decentralized) و مبنی بر بلاکچین است.