Vaga de Application Security Engineer Threat Modeling US-based Product Company
1 vaga: | Publicada em 05/07
A combinar
Sobre a vaga
About Us:
Prometeo Talent is a #1 rated Recruitment Agency spread throughout America and Europe. We excel in connecting companies with exceptional tech and engineering professionals. Our HR and recruitment professionals are always ready to help companies and people find their right match. We have partnered with a US-based Product Company looking to expand their team . They develop management products that help lots of companies worldwide improve their efficiency and streamline their work. They have a global team and are currently interested in hiring someone based in Colombia, Brazil or Ecuador Our Proposal:
We are looking for an Application Security Engineer role! It's not just any job,
it's about company-wide visibility! You'll be the shield ensuring our 10,000+
customers stay safe in the Managed-Service-Provider world and in corporate IT
domains. Working closely with our client development, platform, and product teams,
you'll embed security into every stage of our product lifecycle. We need someone
who's a ninja at defining security requirements, conducting app security
assessments, and guiding developers through fixes. One day you're assessing a new
system, the next you're coaching on best practices. Not only will you be the
guardian of security, but you'll also be a mentor and leader to our junior team
members, guiding them to become security experts in their own
right. Responsibilities: Anticipate possible security threats and identify
areas of weakness in Ninjas environments and software. Partner with Ninja
Engineering to perform code analysis of large applications manually and with the
assistance of SAST and DAST tools. Partner with engineering in triaging the
reported findings by SAST, DAST, SCA, SBOM, and similar products to reduce
potential False-positive rates. Perform security architecture design reviews of
our products and infrastructure. Identify and perform well-controlled security
vulnerability hunting through source code reviews and penetration testing of
Ninjas environments and software. Provide remediation guidance and
recommendations to developers and platform engineers. Work with Engineering
Managers team to help perform threat modeling of features and to prioritize and
validate the urgency of identified vulnerabilities and security enhancement
requests. Identify knowledge gaps and define security best practices for
development teams to understand, follow, and receive training for. Develop
comprehensive and accurate reports and presentations for both technical and
executive audiences (may be internal to Ninja, or external such as
prospects/clients or media). What do we offer? Fully remote work The company
provides you with the equipment Flexible working hours Flexible PTO
Compensation package in USD