Senior Security Engineer

August 27

Apply Now

Receive Emails with Similar Jobs

Bitwarden

WebsiteLinkedInAll Job Openings

Open source password management solutions for individuals, teams, and business organizations.

Password Management • Identity Management • Secret Management

51 - 200

Description

• Assist to provide guidance and subject matter expertise as it pertains to all areas of security and technical operations, including analysis of our cloud environments, security testing and documentation, as well as investigations, software research, new technology, services and tools research, and vendor security analysis • Stay informed on current security trends, publications, and advisories • Train others on the adversary simulation tactics and procedures used • Effectively communicate findings, attack paths, and recommendations to stakeholders • Manage software tools for code scanning, vulnerability identification, and finding reporting • Conduct internal penetration tests on systems and networks to determine realistic threat vectors • Coordinate technical validation and leadership review of purple team reports detailing testing results and potential areas of improvement • Contribute to resolutions for security-related issues • Participate in code reviews, learning and spreading technical knowledge about security posture • Include testing for web, mobile, CLI, and desktop application security issues across our multi-product portfolio, including Bitwarden Password Manager, Secrets Manager, and Passwordless.dev, our APIs, serverless functions, and database • Contribute to vulnerability testing and analysis as well as incident response and analysis • Collaborate with application development teams, platform engineers, and Security Operations Center (SOC) engineers to improve our offensive and defensive security controls • Coordinate internal red team testing operations that emulate a threat actor • Build threat models, conduct threat hunts, and plan and execute purple team engagements • Research emerging threats across the surface web, dark web, and deep web

Requirements

• Security purple team technocrat at heart, staying current with trends and new technologies • Ability to maintain discretion, handle sensitive information, and maintain security best-practices • Excellent problem-solving skills – you might not know all the answers, but you know how to find and communicate the solution • Excitement and enthusiasm for open source and for better internet security • Openness and authenticity combined with excellent communication skills • Collaborative and adaptable mindset • Strong working knowledge of vulnerability management tools, data and network security technologies • Understanding of authentication concepts, including OpenIDConnect, SAML, OAuth, and SSO flows • In-depth understanding and usage of application security testing technologies is a plus • In-depth knowledge of leading vulnerability management tools and strategies • Experience with Penetration Testing Tools, such as Burp Suite, NMAP, Nessus, Metasploit, Kali Linux, SQLMap, Owasp ZAP, and manual testing tools

Benefits

• Work remotely with motivated and supportive team members across the world and take part in productive and fun meetups. • Learn and grow professionally. Embrace the opportunity to build up your demand generation and product-led growth expertise in a fast-growing startup. • Become an expert in a growing market. You’ll get immersed in the prominent technology markets of security and open source software. • Our user community loves us and we love them. Come to work each day with a sense of purpose as we bring a more secure internet experience to everyone––from our friends and family to the world’s largest organizations.