ASAPP is hiring a
Cloud Security Engineer

Summary

The job is for a Security Engineer at ASAPP, where the employee will oversee various security domains and work with cross-functional teams to develop secure, scalable, and robust services. The role involves mitigating security vulnerabilities, conducting research on new attack vectors, participating in penetration testing, configuring cloud environments, co-owning security detection and incident response tooling, collaborating with engineering teams, and participating in on-call responsibilities.

Requirements

• +4 years experience on security detection and incident response
• Perform security investigation when its required including threat hunting and forensics
• Familiar with container ecosystems (docker, k8s, helm), and security best practices
• Deep understanding of cloud-based (AWS) infrastructure and security technologies
• Experience with IAM and RBAC and IdP solutions
• Experience writing IaC especially Terraform
• 4+ years of experience identifying potential cybersecurity attacks and mitigations across multiple and diverse attack vectors
• Proficient in at least one high-level programming language (Python preferred)
• Strong interpersonal and communication skills

Responsibilities

• Develop and document technical solutions to help mitigate security vulnerabilities
• Conduct research to identify new attack vectors against ASAPP products and services as well as conducting vulnerability and risk management across the ecosystems
• Participate in related penetration testing, red teaming, and other offensive security exercises
• Contribute to securely configuring our cloud environments
• Co-own the security detection and incident response tooling and process
• Interact and collaborate with different engineering teams
• Participate in on-call responsibilities along with your teammates

Preferred Qualifications

• B.S. in Computer Science or related field, or equivalent experience
• Involvement in the Security community and industry participation is a plus
• Experience with solving problem related to Infrastructure security with good understanding of Architectural Review
• Knowledge about encryption
• Experience developing detections as code (detection engineering) solutions
• Previous experience doing security on agile/fast startup environments
• Experience with cloud native architecture

Benefits

• Competitive compensation
• Stock options
• Insurance
• Free Lunch and Dinner
• Connectivity (mobile phone & internet) stipend
• Wellness perks
• Mac equipment
• Learning & development stipend
• Parental leave, including 6 weeks paternity leave