Security Engineer

Yesterday

Apply Now

Receive Emails with Similar Jobs

Chess.com

WebsiteLinkedInAll Job Openings

chess • online chess

501 - 1000 employees

Founded 2007

🎮 Gaming

📚 Education

📱 Media

💰 Private Equity Round on 2022-01

Description

• Triage, reproduce, and assess vulnerabilities submitted through the Bug Bounty Program, and work with the Engineering Teams to close the discovered gaps. • Work closely with the Engineering Teams to perform Threat Models of their solutions, acting as a security advisor when appropriate, and ensuring designs are vetted and adhering to security industry standards. • Review Penetration Testing results and SIEM reports. • Translate the findings into actionable tasks in Jira and track them to completion. • Apply updates to the WAF and various other security systems where applicable, and/or support the Engineering Teams to address findings. • Evaluate security software and systems used by the company. • Attend product demos to help determine the best solution for our company. • Lead these efforts from beginning to end. • Act as a security expert, guiding developers and projects to ensure security best practices. • Be a security advocate in Slack and Zoom meetings. • Proactively joining slack conversations to represent Security and provide guidance.

Requirements

• 3+ years professional experience in web application security • Strong written communication skills in English • Familiarity with Burp Suite or similar tools for viewing and tampering with web requests • Prior experience with a Bug Bounty program is a plus • Experience in Python, PHP or JS • Strong collaboration and communication skills working in a fully distributed team primarily using Slack and some Zoom meetings • Programmer mindset. We prefer to automate software that defends our systems. • Sense of ownership and responsibility • Chess player • Lifelong learner