Lead Application Security Engineer / DevSecOps Engineer (worldwide remote)
Company:Cloudlinux
Location:Georgia, Spain, Poland, Montenegro, Armenia
Languages:English
Seniority level:Lead, 3+ years
Experience:3+ years
Skills:
Backend DevelopmentDockerPythonCloud ComputingCybersecurityFrontend DevelopmentKubernetesOAuthSoftware ArchitectureCI/CDRESTful APIsLinuxDevOpsMicroservicesScripting
Requirements:
Good technical knowledge and deep understanding of security, including web applications security (backend and frontend), penetration testing, and modern security mechanisms. Experience in assessing the security of Web applications (at least 3 years) and Binary applications. Deep understanding of modern web technologies (OAuth, JWT, CORS, CSP, SOP, SameSite, etc.) and architectures. Relevant education or a good understanding of information security and information technologies basics. Experience coding/scripting in one or more general-purpose languages. Deep understanding of Linux architecture and security stack. Experience in binary vulnerabilities and exploitation. At least an upper-intermediate level of English proficiency.
Responsibilities:
Perform a security review of the company's external services. Design and implement recommendations for security hardening. Participate in all steps of SDLC as a security engineer. Design and review new features to implement the Security by Design principle. Call attention to risks and drive actions to address those risks to protect users.
