Job ResponsibilityJob Summary:
Application security is now a must-have for all organizations and it is the first line of digital defense against malicious attacks. At INMAGINE, we're looking for Application Security Engineers who will ensure the company's applications are designed and implemented with high security standards and best practices. If you believe the best cyber defense is to think like an attacker, then we would like to hear from you. Apply to us today!
The Job:
1. Perform penetration test and static code analysis on both web and mobile based applications.
2. Review and audit code for common security vulnerabilities.
3. Review, analyze, and evaluate all internally developed application and procedures to address security requirements.
4. Develop tools to aid penetration test automation and effectiveness.
5. Promote and Empowering Developers on Security principles & coding practices.
6. Perform manual and automated techniques to assess risks and circumvent security mechanisms of devices and applications.
7. Keep up to date with the hacking trends and ensure all Company's applications are protected.
8. Assist with audit and testing security of applications upon each product/version release.
The Person:
1. At least 3 years of working experience in IT security.
2. Experience with Cloud and virtualized technology in environments such as AWS.
3. Understanding of OWASP Top 10, WASC, and/or CWE 25 and familiar with common security libraries and applications.
4. Experience with penetration testing tools such as Burp Suite, Arachni and other open source tools.
5. Deep understanding of HTTP and SSL/TLS protocols, and Web technologies.
6. A good understanding of attacks such as injection (e.g. form parameter/SQL) and familiarity with common reconnaissance, exploitation, and post exploitation frameworks.
7. Deep understanding of authentication protocols and frameworks to include OAuth and AWS IAM.
8. Ability to automate tasks using a scripting language (Python, bash, etc).
9. Have knowledge of the latest industry trends and best practices in information security.
10. Positive attitude towards rapid learning.
11. Experience in bug bounty programs, CTFs and/or having InfoSec certifications (OSCP, OSWE, GXPN or other technical certifications relating to security testing) will be an added advantage.
12. Most importantly, you love security, you enjoy hacking, when you figure out how to exploit some tricky bug you feel happy for the rest of the day.
Job RequirementsJob Benifits
