Overview:
The Senior Security Engineer plays a crucial role in ensuring the security and integrity of our organization's systems and data. This position is vital in designing, implementing, and maintaining security measures to protect our networks and systems from cyber threats.
Key Responsibilities:

• Conduct penetration tests across applications to identify security weaknesses. Simulate real-world attacks to assess the effectiveness of existing security measures, ensuring proactive vulnerability identification and resolution
• Design and implement offensive security strategies and attack scenarios to uncover potential weaknesses in our systems and infrastructure
• Develop automated tools like Nuclei to enhance our security capabilities. Identify recurring security pitfalls that can be systematically resolved using scalable solutions such as libraries, and implement advanced security controls to rigorously test and secure applications
• Audit source code and perform code reviews for critical application changes
• Keep up-to-date with the latest security trends, tools, and techniques to continuously enhance the security posture of the organization. You will research and evaluate emerging threats and vulnerabilities, and provide recommendations for improving our security practices, further enhancing security.
• Provide guidance and mentorship. You will share your knowledge and experience to help develop the skills and expertise of fellow team members and essentially, help grow our team
• Provide hands-on guidance for vulnerability remediation and train developers on common security pitfalls, fostering a proactive security culture within the development process

Required Qualifications:

• Is able to reason through Ruby, Javascript, Python, and Java/Kotlin code bases which are used in some of our support services
• Has a thorough understanding of application security principles, including the ability to identify vulnerabilities highlighted in the OWASP Top 10, and can propose effective fixes
• Exhibits an offensive security mindset, consistently exploring potential vulnerabilities and thinking critically about what could go wrong
• Is skilled in analyzing logs using tools such as SQL and SIEM to uncover security threat and anomalies
• Communicates security concepts effectively, both internally and externally, articulating best practices and strategic approaches to application security