Application Security Tooling Engineer III
2 dni temu
Box is the world's leading Content Cloud, trusted by more than 115,000 organizations worldwide, including nearly 70% of the Fortune 500. We empower our customers to transform workflows across their organizations by bringing intelligence to the world of content management.
Job DescriptionWe are seeking an Application Security Engineer with a strong grounding in application security, penetration testing, and experience with SAST, DAST, and SCA tools. This person will detect and analyze vulnerabilities, optimize and automate testing solutions, and devise mitigation strategies.
Key Responsibilities- Build and maintain CI/CD secure tooling and support other security tools as well as automate tools and processes (SAST, DAST, SCA)
- Provide vulnerability risk and remediation analysis
- Penetration testing
- Optimizing vulnerability detection tools
- Grow your AppSec skills to widen your responsibilities
- Define how we establish, grow, and expand our partnerships with Box engineering organizations
- Contribute to the development of Secure Design Patterns
- Conduct Bug Bounty issue evaluation, reproduction, and recommendations
- Help develop and deliver Security Education and Training - prepare materials and communication through diverse parts of the organization
- Plan and perform penetration testing
- Test application code with the OWASP Testing Methodology
- 3+ years previous experience in Application security /red team/DevSecOps with a strong focus on security tool onboarding and/or optimization
- Knowledge of OWASP Top 10, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), and Threat Modeling
- Experience with security testing tools, software vulnerability management, including thorough vulnerability risk analysis and mitigation plans
- Familiarity with multiple languages such as Java, React, Node JS, PHP, Scala, C and/or Python
- Understanding of how to detect and prioritize Front End, API's, Microservices and Container vulnerabilities
- Familiar with common build/automation tooling: ex. Jenkins, GIT
- You understand application security fundamentals, OWASP vulnerabilities and their mitigations
- You understand secure engineering best practices, can articulate problem statements and propose solutions to both technically savvy and non-technical audiences
- You are either a passionate security minded devsecops/software engineer/devops who has been a part of building high quality applications and services
- You have a growth mindset, push yourself towards excellence and focus on continuous functional improvements
- You are a curious person who looks at problem statements and can clearly propose actionable solutions
- You have a passion for cyber security demonstrated through participation/leadership in conferences, webinars, Capture the Flag (CTF), TryHackMe, HacktheBox, Bug Bounty, Submission of CVEs and/or personal projects
- Good understanding of past, current, and emerging security exploits
myGwork is the largest global platform for the LGBTQ+ business community. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability, and any other protected ground of discrimination under applicable human rights legislation.
-
Application Security Tooling Engineer III
6 dni temu
Warsaw, Polska myGwork Pełny etatThis job is with Box, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly. WHAT IS BOX? Box is the world's leading Content Cloud. We are trusted by more than 115K organizations around the world today, including nearly 70% of the Fortune 500 and leaders...
-
Application Security Tooling Engineer III
8 godzin temu
Warsaw, Polska myGwork Pełny etatJob DescriptionThis role is with Box, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly.What is Box?Box is the world's leading Content Cloud. We are trusted by more than 115K organizations around the world today, including nearly 70% of the Fortune 500...
-
Application Security Tooling Engineer III
4 miesięcy temu
Warsaw, Polska Box Pełny etatWHAT IS BOX?Box is the world’s leading Content Cloud. We are trusted by more than 115K organizations around the world today, including nearly 70% of the Fortune 500 and leaders across deeply regulated industries (such as AstraZeneca, JLL, and Nationwide), to protect their data, fuel collaboration, and power critical workflows with secure, enterprise AI.By...
-
Security Tooling Engineer II
5 miesięcy temu
Warsaw, Polska Box Pełny etatWHAT IS BOX?Box is the world’s leading Content Cloud. We are trusted by more than 115K organizations around the world today, including nearly 70% of the Fortune 500 and leaders across deeply regulated industries (such as AstraZeneca, JLL, and Nationwide), to protect their data, fuel collaboration, and power critical workflows with secure, enterprise AI.By...
-
Application Security Engineer
3 tygodni temu
Warsaw, Polska XPERI Poland Pełny etattechnologies-expected : C Java responsibilities : Collaborate with Development and Operation Teams to build and operate secure products. Maintain the trust of Customers by protecting sensitive data and protecting the Organization from breaches. Conduct Security reviews and Threat Modeling. Help integrate security tools and processes. Respond to Security...
-
Application Security Engineer
3 tygodni temu
Warsaw, Polska The Stepstone Group Polska sp. z o.o. Pełny etattechnologies-expected : Python Bash AWS Microsoft Azure Google Cloud Platform about-project : As an Application Security Engineer, you will play a pivotal role in safeguarding our organization's applications and data. You will work closely with development teams to integrate security tools into our CI/CD pipelines, ensuring that security is baked into the...
-
Application Security | AppSec Engineer
3 tygodni temu
Warsaw, Polska capital.com Pełny etatWe are a leading trading platform that is ambitiously expanding to the four corners of the globe. Our top-rated products have won prestigious industry awards for their cutting-edge technology and seamless client experience. We deliver only the best, so we are always in search of the best people to join our ever-growing talent team. We are currently looking...
-
Senior Cloud Application Security Engineer
1 miesiąc temu
Warsaw, Polska Sportradar Pełny etatJob DescriptionSenior Cloud Application Security EngineerSportradar is the leading global provider of sports data and entertainment products and services. Since 2001, we have occupied a unique position at the intersection of the sports, media and betting industries; providing sports federations, news media, consumer platforms and sports betting operators...
-
Senior Cloud Application Security Engineer
6 dni temu
Warsaw, Polska Sportradar Pełny etatJob DescriptionSenior Cloud Application Security EngineerLocation: Warsaw (Hybrid) or Anywhere from Poland (Remote)Sportradar is the leading global provider of sports data and entertainment products and services. Since 2001, we have occupied a unique position at the intersection of the sports, media and betting industries; providing sports federations, news...
-
Application Security Engineer @ Mindbox S.A.
9 godzin temu
Warsaw, Polska Mindbox S.A. Pełny etatCreating an inspiring place to thrive for the talented, we use their expertise and courage to introduce the technology of the future into your business. - This is the foundation of Mindbox and the goal of our business and technology journey. We operate and develop in four areas: Autonomous Enterprise - automation of business processes using RPA, OCR,...
-
Senior Cloud Application Security Engineer
2 dni temu
Warsaw, Polska Sportradar Polska Sp. z o.o. Pełny etatAbout the RoleWe are seeking a highly skilled Senior Cloud Application Security Engineer to join our team at Sportradar Polska Sp. z o.o. The successful candidate will be responsible for ensuring the security of our cloud-based applications and infrastructure.Key ResponsibilitiesRespond to identified vulnerabilities in our applications and cloud environments...
-
Application Security Engineer
5 miesięcy temu
Warsaw, Polska Goldman Sachs Pełny etatBusiness Unit Overview Led by the Chief Information Security Officer (CISO), Technology Risk secures Goldman Sachs against hackers and other cyber threats. We are responsible for detecting and preventing attempted cyber intrusions against the firm, helping the firm develop more secure applications and infrastructure, developing software in support of our...
-
Application Security Expert
4 miesięcy temu
Warsaw, Polska T-Mobile Polska S.A. Pełny etatOpis stanowiska: · Identify opportunities to automate and standardize application security controls and cooperate with the CICD team · Analyze source code to mitigate identified weaknesses and vulnerabilities · Create guidelines and application security standards · Review and check...
-
Application Security Expert
4 miesięcy temu
Warsaw, Polska T-Mobile Pełny etattechnologies-expected : AWS HTTP HTML5 AJAX REST Kubernetes about-project : T-Mobile Poland is a leader in telecommunication, dedicated to providing innovative solutions that drive growth and efficiency for our clients. Our commitment to security and integrity is at the forefront of our operations, and we are seeking a talented Application Security Expert...
-
Senior Cloud Application Security Engineer
4 dni temu
Warsaw, Polska Sportradar Polska Sp. z o.o. Pełny etattechnologies-expected : Java .NET Python JavaScript AWS Kubernetes Protobuf gRPC GraphQL MySQL Kafka technologies-optional : Google Cloud Platform about-project : The Senior Cloud Application Security Development professional will be part of the Secure Software Development team within Product Security, dedicated to fixing identified application-level...
-
Product Security Engineer
4 dni temu
Warsaw, Polska myGwork Pełny etatThis job is with Warner Bros. Discovery, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly. Welcome to Warner Bros. Discovery... the stuff dreams are made of. Who We Are... When we say, "the stuff dreams are made of," we're not just referring to the...
-
Product Security Engineer
6 dni temu
Warsaw, Polska myGwork Pełny etatThis job is with Warner Bros. Discovery, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly. Welcome to Warner Bros. Discovery... the stuff dreams are made of. Who We Are... When we say, "the stuff dreams are made of," we're not just referring to the...
-
Senior Appliaction Security Engineer
1 miesiąc temu
Warsaw, Polska Mindbox S.A. Pełny etattechnologies-expected : Python technologies-optional : Java about-project : We’re looking for an application security engineer to join our growing Security team. You’ll play a key part in securing everything we develop. We are building solutions to provide mobile and web banking services and Banking as a Service (embedded finance) to enable companies...
-
Product Security Engineer
1 miesiąc temu
Warsaw, Polska WARNERMEDIA Pełny etatWelcome to Warner Bros. Discovery⦠the stuff dreams are made of.Who We Are⦠When we say, âthe stuff dreams are made of,â weâre not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBDâs vast portfolio of iconic content and beloved brands, are the storytellers...
-
Cloud Security Engineer
3 miesięcy temu
Warsaw, Polska Sii Sp. z o.o. Pełny etattechnologies-expected : SAST DAST Container Scanning Cloud Apps Security DevOps/SecOps technologies-optional : Tanable about-project : We are seeking a skilled and motivated Cloud Security Engineer to join our dynamic Cybersecurity team. This role requires a deep understanding of solutions within the Container Security, and the openness to share knowledge...