T***I
发帖数: 372 | 1 Our Information Security (Infosec) Team is responsible for the security of
company's people, infrastructure, and customer deployments around the globe.
Infosec Engineers are highly motivated team players with a dedication to
security and technology. They thrive on solving problems and tackling new
challenges.
As an Application Security Engineer, you will act as both a builder,
creating tools to help our engineers write more secure code, and a breaker,
performing penetration tests of internally developed applications.
RESPONSIBILITIES
Consult with internal teams to assist in design, threat modeling, and
reviewing security-critical code
Conduct periodic penetration tests of internal applications with up to
several million lines of code
Plan, build, and deploy infrastructure to help our engineers detect and
remediate vulnerabilities automatically
Work with external vendors to support 3rd party security reviews
REQUIREMENTS
Expert-level knowledge in Python, Java, or Go
Strong familiarity with OWASP top 10 web vulnerabilities and the ability to
explain them
Expert with ZAP, Burp, or another intercepting proxy
Knowledge of the role of static and dynamic analysis in a robust security
testing suite
PREFERRED
Experience in evaluating the choice and implementation of cryptography
Experience in evaluating the security of mobile applications on iOS and
Android
Experience in evaluating the security of applications
Experience in integrating WAFs as part of a defensible application stack
Experience with fuzzing
Experience with threat modeling, especially STRIDE
请发简历到[email protected]
/* */
我可以直接和HIRING MANAGER推荐。
另外,这个工作地点在santa clara,可以sponsor H1B和申请绿卡 |
|
