624
- Detailid
- Esmane info
- Ettevõte
Ootused kandidaadile
Malwarebytes is looking for..
A motivated and experienced Senior DevSecOps Engineer is needed to strengthen product security within our security-first company. As a hands-on engineer on our DevOps team, you will use modern tools and technologies to identify, address, and automate the prevention of security issues. The ideal candidate brings prior experience as an Application Security Engineer (ideally with desktop and mobile platforms), strong multi-cloud infrastructure management skills (primarily AWS), and a drive to learn new products while working independently.
Skills You'll Need to Have:
- Hands-on experience in AWS and managing infrastructure in Terraform. An ideal candidate would hold the AWS Certified Security Specialty certification.
- Proficiency with security tools such as HackerOne (bug bounty program), DataTheorem, Cobalt (SAST/DAST/SCA), and AWS Inspector, or similar tools.
- Ability to use GitHub and to manage relevant GitHub Actions and GitHub Advanced Security features.
- Development skills and experience in security analysis of cloud, desktop, and mobile applications.
- Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.
- Able to adapt quickly in a growing organization and solve problems collaboratively across development teams. Willing to learn new security technologies as business needs evolve.
- Able to work independently in high-risk environments with minimal supervision.
Skills that are Nice to Have:
- Certifications in any of the following: CISSP, CEH, GIAC Reverse Engineering.
- Advanced internal knowledge of Windows and/or macOS.
- Strong familiarity with securing cloud-based technologies like Azure and GCP.
- Thorough knowledge of digital forensics methodology.
- Strong background in security architecture, system administration, and networking.
Tööülesannete kirjeldus
- Automate security processes and tooling within the CI/CD pipeline, including integrating SAST/DAST/SCA tools to prevent classes of security issues.
- Perform and manage collaboration with external firms on security-focused code reviews and penetration tests.
- Support and consult with product and development teams on application security, including conducting threat modeling and design reviews.
- Work through the backlog of security findings from AWS Inspector. Assist teams in triaging, reproducing, and executing infrastructure fixes.
- Administer and support our ongoing bug bounty program and security tools to ensure timely remediation of vulnerabilities. This includes assisting teams in triage, reporting, and vendor management.
- Manage the overall cloud security posture, ensuring the well-architected framework is applied across our AWS, Azure, and GCP environments.
- Lead efforts to promote security best practices and foster a secure development culture across the organization.
Omalt poolt pakume
Perks & Benefits:
- An opportunity to do something great for yourself and the world!
- Employee Referral Bonus Program
- Wellness programs
- Health Days
- Stocked kitchen with drinks, snacks and essentials
- Hybrid work-model
Selle ametikoha keskmise palga info leiad aadressilt palgad.ee.
Asukoht
- Tallinn, Harjumaa, Eesti
Kai 1 - Osaline kaugtöö
Tööaeg
- Täistööaeg
Keeled
- Inglise
Kontaktisik
Karena Kurvits
Karena Kurvits
Malwarebytes believes that when people and organizations are free from threats, they are free to thrive. Founded in 2008, CEO Marcin Kleczynski had one mission: to rid the world of malware. Today, Malwarebytes has grown beyond malware remediation to ensuring cyberprotection for every one, providing device protection, privacy, and prevention solutions in the home, on-the-go, at work, or on campus. With threat hunters and innovators across the world, we want great people, like YOU, to join our team!
Sarnased töökuulutused:
DevOps Systems Engineer (m/w/d)
Süsteemiadministraator / IT Systems Administrator
Projektijuht