You are an application security engineer who wants to get in on the ground floor of one of NYC's most exciting startups. You are passionate about security, & want to build a secure product that will revolutionize an entire industry.
You love to learn, & equally love to share your knowledge with others. Youre both a listener & contributor. You are a great communicator & you take care to understand before making yourself understood.
We are looking for a security professional who is interested in working with a talented startup team in building secure, resilient, & high-performance website, mobile apps, & data services for the real estate industry. You will work with developers to make security & compliance available to be consumed as services. You will help architect secure web products, perform simulated attacks, identify weaknesses, & work with the engineers to remediate & protect our products. You will help us build security as code.
What We're Looking For:
- 3+ years of hands-on experience performing security tests & manual pentests on web applications, mobile apps, & web services (APIs).
- Understanding of application security vulnerabilities & remediation techniques.
- Knowledge & hands on experience with AWS cloud infrastructure & native security services such as Inspector, GuardDuty, Web Application Firewall, Security Groups, & CloudTrail.
- Proficiency in scripting languages such as Bash & Python.
- Knowledge of programming languages like Java, Python, & Golang.
- Knowledge of Linux operating system.
- Experience & knowledge of tools to facilitate secure SDLC controls (SAST, DAST, etc.).
- Bachelors degree in Computer Science or Engineering or commensurate experience.
- Professional certification such as OSCP, GWAPT, GWEB, GPEN preferred but not required.
Check out our Engineering blog!