Application Security Engineer

July 23

Stockbit

We help millions of our customers to invest and achieve a better future. Let's join and #TumbuhBersama with us!

Financial Social Network • Investor Research Tools • Real-Time Cloud Charting • investment • fintech

501 - 1000

💰 $35M Series C on 2021-01

Description

• Secure Code Review: Conduct thorough code reviews to identify and address security flaws, including vulnerabilities like SQL injection, cross-site scripting (XSS), and insecure direct object references (IDOR).
• Security Testing: Design and execute various security tests, such as penetration testing, vulnerability scanning, and static/dynamic analysis, to proactively uncover weaknesses in the application.
• Threat Modeling: Collaborate with development teams to identify potential threats and vulnerabilities, assess their impact, and develop effective mitigation strategies.
• Bug Bounty: Triage and validate bug reports submitted by external researchers.
• Security Architecture: Provide guidance on secure architecture and design patterns to ensure that security is built into the application from the ground up.
• Incident Response: Assist in the investigation and remediation of security incidents, working to minimize the impact and prevent future occurrences.
• Security Awareness: Educate development teams about security best practices and promote a culture of security within the organization.
• Stay Informed: Keep up-to-date with the latest security trends, vulnerabilities, and attack techniques to ensure the application remains protected against evolving threats.

Requirements

• Bachelor's degree in Computer Science, Engineering, or a related field.
• At least 3 years of experience in application security, secure coding practices, and vulnerability management.
• Strong understanding of web application vulnerabilities, OWASP Top 10, and modern attack vectors.
• Hands-on experience with web application security testing tools such as Burp Suite, OWASP ZAP, etc.
• Experience with secure coding practices and common programming languages (e.g., Java, Python, JavaScript).
• Knowledge of cloud security principles and best practices.
• Certifications such as CISSP, CEH, or OSCP are a plus.
• Strong problem-solving and analytical skills.
• Excellent communication and collaboration abilities to work effectively with cross-functional teams.

Benefits

• Capital market sharing session
• Self development program
• Health insurance benefits
• Well being and counseling program
