Security Engineer

Security |

Primary Responsibilities

Enchancement of Mobile, Web, Cloud and corporate security
Security expert for application developement, service architecture design
Bulding Corporate Standarts in accordance with Industry Compliance Requirements (ISO 27001)
Providing significant input to form Security culture within the company

Required Skills & Abilities

3+ years experience within Information Security field
Understanding cryptography concepts (Hashing, Salting, Symmetric/asymmetric cryptography, Digital signatures, Non-repudiation)
security knowledge in: Mobile Applications, Web Applications, Cloud Security, Networks, Operating systems
Strong understanding/knowledge of the security testing methodologies
Understanding risk Assessment/Threat Modeling processes
Understanding how to identify malicious code and activity
Understanding and have practical experience in Technical controls, Operational Controls, Managing Controls
Strong understanding of Vulnerability Managements process and common remediation approaches as published by industry standarts OWASP, SANS, NIST etc
Understanding and have a practical expirience of building the Secure Software Development Lyfecycle phases (DevSecOps)
Understanding Identity Management principles: SSO, OAuth, JWT, SAML
Understanding Access Controls principles (Discretionary/ Non-Discretionary, Rule set–Based (RSBAC), Role-Based (RBAC), Mandatory, Attribute-Based access controls)
Experience with wrting scripts for automation
Excellent written and verbal communication skills, be able to present technical information to both engineering and non-engineering audiences
Ability to build solid relationships with surrounding teams
Understanding of relevant information security governance, technical and security standards, and regulations. (i.e. ISO 27001, GDPR, NIST Cybersecurity framework).

Preferred skills

Understand Business Continuity principles (Be able to understand BIA, DRP strategies Understanding MTD/ MTPOD, RTO RPO concepts)
Understanding and have practical experience in Disclosure Controls practices (Technical controls, Operational Controls, Managing Controls)
Industry certifications are considered as a plus
Understanding Secret Management process. (SSM, Vault, Thycotic, CyberArk)
Knowledge on how to test code for security quality (JS, Python, Java)
Understand Security Monitoring concepts. Have practical experience with the Event Correlation Systems (IDS/IPS, SIEM, Cloud Specific )

What we offer:

A chance to improve lives of millions of women worldwide
Ability to contribute to a world-class product with a large user base
Professional development opportunities in a highly skilled and motivated team
Competitive salary
Strong management with a proven track record of successful projects, including MSQRD, AIMatter, Maps.me

Our benefits include:

Apply