You are an application security engineer who wants to get in on the ground floor of one of NYC's most exciting startups. You are passionate about security, and want to build a secure product that will revolutionize an entire industry.
You love to learn, and equally love to share your knowledge with others. You're both a listener and contributor. You are a great communicator and you take care to understand before making yourself understood.
We are looking for a security professional who is interested in working with a talented startup team in building secure, resilient, and high-performance website, mobile apps, and data services for the real estate industry. You will work with developers to make security and compliance available to be consumed as services. You will help architect secure web products, perform simulated attacks, identify weaknesses, and work with the engineers to remediate and protect our products. You will help us build security as code.
What We're Looking For:
3+ years of hands-on experience performing security tests and manual pentests on web applications, mobile apps, and web services (APIs).
Understanding of application security vulnerabilities and remediation techniques.
Knowledge and hands on experience with AWS cloud infrastructure and native security services such as Inspector, GuardDuty, Web Application Firewall, Security Groups, and CloudTrail.
Proficiency in scripting languages such as Bash and Python.
Knowledge of programming languages like Java, Python, and Golang.
Knowledge of Linux operating system.
Experience and knowledge of tools to facilitate secure SDLC controls (SAST, DAST, etc.).
Bachelor's degree in Computer Science or Engineering or commensurate experience.
Professional certification such as OSCP, GWAPT, GWEB, GPEN preferred but not required.
Check out our Engineering blog!