Security Engineer

Security |

Primary Responsibilities

  • Enchancement of Mobile, Web, Cloud and corporate security
  • Security expert for application developement, service architecture design
  • Bulding Corporate Standarts in accordance with Industry Compliance Requirements (ISO 27001)
  • Providing significant input to form Security culture within the company

Required Skills & Abilities

  • 3+ years experience within Information Security field
  • Understanding cryptography concepts (Hashing, Salting, Symmetric/asymmetric cryptography, Digital signatures, Non-repudiation)
  • security knowledge in: Mobile Applications, Web Applications, Cloud Security, Networks, Operating systems
  • Strong understanding/knowledge of the security testing methodologies
  • Understanding risk Assessment/Threat Modeling processes
  • Understanding how to identify malicious code and activity
  • Understanding and have practical experience in Technical controls, Operational Controls, Managing Controls
  • Strong understanding of Vulnerability Managements process and common remediation approaches as published by industry standarts OWASP, SANS, NIST etc
  • Understanding and have a practical expirience of building the Secure Software Development Lyfecycle phases (DevSecOps)
  • Understanding Identity Management principles: SSO, OAuth, JWT, SAML
  • Understanding Access Controls principles (Discretionary/ Non-Discretionary, Rule set–Based (RSBAC), Role-Based (RBAC), Mandatory, Attribute-Based access controls)
  • Experience with wrting scripts for automation
  • Excellent written and verbal communication skills, be able to present technical information to both engineering and non-engineering audiences
  • Ability to build solid relationships with surrounding teams
  • Understanding of relevant information security governance, technical and security standards, and regulations. (i.e. ISO 27001, GDPR, NIST Cybersecurity framework).

Preferred skills

  • Understand Business Continuity principles (Be able to understand BIA, DRP strategies Understanding MTD/ MTPOD, RTO RPO concepts)
  • Understanding and have practical experience in Disclosure Controls practices (Technical controls, Operational Controls, Managing Controls)
  • Industry certifications are considered as a plus
  • Understanding Secret Management process. (SSM, Vault, Thycotic, CyberArk)
  • Knowledge on how to test code for security quality (JS, Python, Java)
  • Understand Security Monitoring concepts. Have practical experience with the Event Correlation Systems (IDS/IPS, SIEM, Cloud Specific )

 

What we offer:

  • A chance to improve lives of millions of women worldwide

  • Ability to contribute to a world-class product with a large user base

  • Professional development opportunities in a highly skilled and motivated team

  • Competitive salary

  • Strong management with a proven track record of successful projects, including MSQRD, AIMatter, Maps.me

 

Our benefits include:

  • getting stock options after the first year of work in the company

  • 60$ in a month for sports, medicine, trainings

  • modern office in “Dana Center’’

  • corporate events

  • participation in conferences and trainings

  • corporate library

  • flexible working day

  • 27 calendar days for vacation and 5 sick days