ASAPP is hiring a
Lead Security Engineer

Summary

The job is for a full-time Security Engineer at ASAPP, where you will be responsible for various security domains, improving cloud security infrastructure, and partnering with cross-functional teams. You should have experience in identifying cybersecurity attacks and mitigations, be familiar with container ecosystems, cloud-based infrastructure, IAM and RBAC, and proficient in at least one high-level programming language.

Requirements

• 5+ years of experience identifying potential cybersecurity attacks and mitigations across common attack vectors (OWASP Top 10)
• Familiar with container ecosystems (docker, k8s, helm), and security best practices
• Deep understanding of cloud-based (AWS) infrastructure and security technologies
• Experience with IAM and RBAC and IdP solutions
• Experience writing IaC especially Terraform
• Proficient in at least one high-level programming language ( Python preferred )
• Strong interpersonal and communication skills

Responsibilities

• Oversight and responsibility for different domains such as application security, infrastructure security, corporate security, and protection of sensitive data
• Participate in the buildout and improvement of ASAPP’s cloud security infrastructure and its cloud security posture management (CSPM)
• Partner with Product Engineering, Platform, SRE and ITS teams to help develop secure, scalable, and robust services
• Advocate developer-centric security best practices throughout ASAPP
• Perform technical security assessments, code audits, and design reviews
• Develop and document technical solutions to help mitigate security vulnerabilities
• Conduct research to identify new attack vectors against ASAPP products and services
• Participate in related penetration testing, red teaming, and other offensive security exercises
• Contribute to securely configuring our cloud environments
• Participate in the security incident detection and response process
• Interact and collaborate with different engineering teams
• Participate in on-call responsibilities along with your teammates

Preferred Qualifications

• B.S. in Computer Science or related field, or equivalent experience
• Involvement in the Security community and industry participation is a plus
• Experience in product-oriented environments
• Experience and familiarity with machine learning development, both from the perspective of an engineer and as an attacker/defender
• Previous experience doing security on agile/fast startup environments
• Experience with cloud-native architecture

Benefits

• Competitive compensation
• Stock options
• Healthcare for the family group
• Wellness perks
• Mac equipment
• Learning & development stipend
• 3 weeks of vacation
• English lessons