Platform Security Engineer
New
Georgia, Poland, SerbiaFull-TimeMiddle
Salary not disclosed
Apply NowOpens the employer's application page
Job Details
- Experience
- 5+ years in information security, including 3+ years in product security
- Required Skills
- SQLElasticSearchOAuth
Requirements
- 5+ years in information security, including 3+ years in product security.
- Hands-on experience operating a WAF (e.g., Wallarm, Akamai, or Cloudflare).
- Proven experience with API security, including OWASP API Security Top 10 and API gateway usage.
- Experience with anti-bot solutions involving fingerprinting and behavioral detection.
- Practical understanding of DDoS mitigation across L3–L7.
- Experience running a vulnerability management process (CVSS, prioritization, and remediation SLAs).
- Experience coordinating pentest projects and driving report remediation.
- Strong understanding of OAuth, OIDC, session management, and JWT.
- Practical SQL and Elasticsearch skills for log analysis, investigations, and monitoring.
Responsibilities
- Improve and maintain perimeter and network-layer defenses such as WAF, rate limiting, anti-bot, and DDoS mitigation.
- Secure product APIs against abuse and anomalous traffic.
- Strengthen authentication, authorization, and access control at the product level.
- Execute the vulnerability management process including identification, prioritization, and remediation tracking.
- Coordinate external pentests and manage findings remediation.
- Lead incident response for product security incidents.
- Build detection and response processes in collaboration with the monitoring team.
- Support Fraud & Trust and Safety initiatives.
- Protect customer data via access control, encryption, and masking.
- Operate the Security Champions program and manage the Bug Bounty program.
View Full Description & ApplyYou'll be redirected to the employer's site