Senior Security Engineer

Security Engineer is a part of Glia’s compliance and security team. The team is responsible for the three pillars of security – confidentiality, integrity and availability. 

Security is not just a feature, it’s an integral part of our service.

Responsibilities

• Take ownership of the platform and applications’ security, help development teams ensure compliance with industry standards and regulations
• Help conduct regular security assessments, penetration tests, and audits of our platform and applications
• Guide and help with the implementation of robust security measures for data protection
• Collaborate with product and development teams to integrate security practices into the development lifecycle
• Independently identify and coordinate the resolution of security vulnerabilities
• Coordinate evidence/data gathering and documentation from various tools and collection methods
• Help run the public bounty hunter program
• Train other team members about the application and platform security
• Evaluate, implement and manage security technologies.

Requirements

• Strong experience in platform security, vulnerability management, and DevSecOps tooling (such as Terraform, Ansible, Kubernetes, WAF, SIEM, IDS/IPS, PostgreSQL, Snyk, Sysdig)
• Familiarity with application security, dependency management
• Good understanding of network protocols and types of network-based attacks
• Familiarity with scripting languages such as Python
• Understanding of security and compliance frameworks such as SOC 2, PCI DSS, HIPAA, OWASP ASVS
• Experience with handling cyber security incidents

What will make you successful

• Proficiency in the AWS environment and its security aspects
• Familiarity with common security protocols, encryption techniques and authentication mechanisms
• Experience with SAST, DAST, SC, SBOM
• Previous experience working with Information Security audits
• Familiarity with NodeJS/Ruby/Elixir