Remote Senior Security Specialist

Description:

• As a Senior Security Specialist, you will be responsible for ensuring the security of our APIs, mobile applications, and infrastructure.
• You will lead efforts to identify, analyze, and mitigate security vulnerabilities across our systems.
• This role involves working closely with cross-functional teams to deliver secure and scalable solutions.
• Your expertise in penetration testing, security analysis, and cloud infrastructure (AWS preferred) will be crucial in safeguarding our assets from potential threats.
• Key responsibilities include conducting penetration testing and vulnerability assessments on APIs, mobile applications, and cloud infrastructure to identify security weaknesses.
• You will perform in-depth security analysis, including scanning application dependencies and identifying risks related to third-party libraries and services.
• The role requires reviewing and auditing code, configurations, and infrastructure to ensure best security practices are followed and compliance is maintained.
• You will develop and implement security protocols and policies to ensure secure application development and deployment.
• Continuous monitoring, detection, and response to emerging security threats will be part of your duties, along with advising teams on preventive measures.
• Collaboration with developers, product managers, and IT teams to design secure systems, applications, and processes is essential.
• Staying up to date with the latest security trends, vulnerabilities, and exploits will help refine and adapt security practices.
• You will lead security investigations, including incident response and forensic analysis, as necessary.
• Working with cloud security tools and AWS services to ensure the security of our cloud-based infrastructure is also a key responsibility.

Requirements:

• At least 5 years of experience in cybersecurity with a focus on application security, API security, and infrastructure security is required.
• Extensive experience with penetration testing tools and methodologies (e.g., Burp Suite, OWASP ZAP, Metasploit, etc.) is necessary.
• A deep understanding of networking, network security protocols, and common security vulnerabilities (e.g., SQL Injection, XSS, CSRF) is essential.
• Experience with cloud security, specifically in AWS (Amazon Web Services), is required.
• Familiarity with security scanning tools and dependency analysis for vulnerabilities (e.g., Snyk, Dependency-Check, OWASP Dependency-Check) is necessary.
• A proven track record in performing threat modeling, risk analysis, and vulnerability assessments on web and mobile applications is required.
• Strong understanding of encryption, authentication protocols, and secure coding practices is essential.
• Experience with DevSecOps practices and integrating security into CI/CD pipelines is necessary.
• In-depth knowledge of common security frameworks and standards (e.g., OWASP Top 10, NIST, ISO 27001, CIS) is required.
• Certifications such as CISSP, OSCP, CEH, or equivalent are preferred.
• The ability to communicate technical information to non-technical stakeholders effectively is essential.
• Strong problem-solving skills and the ability to work independently are required.

Benefits:

• The position offers a remote work environment, allowing flexibility in your work location.
• You will have the opportunity to work with cutting-edge security technologies and practices.
• The role provides a chance to collaborate with cross-functional teams and contribute to the security of critical systems.
• You will be part of a dynamic team that values continuous learning and staying updated with the latest security trends.
• Opportunities for professional development and obtaining relevant certifications are encouraged and supported.