Senior Security Engineer
As a Security Engineer, you will be a part of our security engineering team to work closely with development teams, product managers (PM), and third-party groups to architect, develop, and deploy security tools and technologies to ensure that Bayzat products are secure. Our platform is the core of our offering and you will be responsible to make it better every day. You will have the opportunity to work with the latest technologies and are expected to continuously get out of your comfort zone to learn new things and get your hands dirty. More importantly, we want you to take pride in the success of Bayzat, as it is under the ownership and responsibility of the entire team and that includes you!
What will you be doing?
- Analyze the vulnerability and penetration testing of Web application / Mobile application / Infrastructure / Cloud (AWS)/ Web APIs, and mitigate the vulnerabilities
- Support and consult with product and development teams in the area of application security
- Participate in and support application security reviews and threat modeling, including code review and dynamic testing
- Participate in automated security testing to verify that secure coding best practices are being used
- Participate in and support the preparation of security releases
- Act on security incidents identified through monitoring and alerting sources
- Write security reports including findings, conclusions, and recommendations for further system security improvements
What we are looking for?
- 4 to 5 years of experience as a security engineer
- Familiar with common security libraries, security controls, and common security flaws that apply to SaaS applications
- Experience with end-user security, server security, infrastructure security and data protection processes
- Ability to discover and patch security vulnerabilities and comfortable with standard web application security tools
- Thorough understanding of the latest security principles, techniques, and protocols
- Good communication skills, verbal and written
- Self-starter, proactive in resolving issues and removing roadblocks
- Adherence to security engineering best practices
- Willingness to learn and improve
- Desire to work within a remote and distributed team