My client is a VERY well funded IoT startup, rapidly expanding to a >$1bn valuation in two years. They have built a world-class engineering team they are looking to expand, and bring in a Senior Security Engineer, to handle day-to-day, hands-on engineering of their applications.
We are looking for a Senior Security Engineer to join a high-pressure, agile environment, protecting critical assets - You will have a real genuine passion for InfoSec and have that real hacker mentality... BREAK THINGS!
On offer is a very competitive salary package, excellent benefits and options/equity
THE CLIENT WILL CONSIDER PEOPLE WORKING IN OTHER STATES & GIVE A RELOCATION PACKAGE, FOR THE RIGHT CANDIDATE
- Assist with day-to-day security engineering requirements - code review, penetration testing, vulnerability management, triaging/resolving open issues
- Take ownership of threat models, secure software test plans, policy, and procedures for product engineering/testing
- Deliver hands-on secure code training to the engineering team, when new applications go into production
- Use scripts to develop tools for automating security testing
Experience & Requirements:
- At least 4 years' experience as a penetration tester, ideally in a team-lead position, overseeing multiple urgent projects simultaneously
- Software Engineering background - Programming skills - Go, Python, Java, Scala, Ruby
- Experience in secure application programming, code reviewing, and penetration testing web-based application - Mobile testing would be a big advantage
- Detailed, hands-on experience with industry-leading log management security tools - e.g Splunk
- Expert in scripting, in multiple languages - Python, Ruby, Perl, Bash
- At least one active security certification, such as GPEN, OSCP, OSCE, GWAPT, GCIH - an active CISSP would be advantageous
**Must have authorization to work in the United States - No 3rd Party - No Remote**