Cloud Applications Security Engineer

Kraków, Poland

About role
  • At Codewise, in such a fast and dynamic environment, we are looking for someone creative and motivated that will be in charge of finding and fixing vulnerabilities within the company’s SaaS products and help implement good security practices throughout the engineering.
  • You’re extremely well organized person with great communication skills. Trustworthy and high work ethic standards it’s what describes you best. Your candid and friendly personality helps you lead any initiative in effective manner.
Key Responsibilities
  • Take a leadership role in driving security and privacy initiatives for cloud hosted products
  • Conduct regular security architecture and design reviews of all systems
  • Implement security measure during application development life-cycle
  • Perform hands on security testing of products and services to discover risk and cooperate with development teams in their resolution
  • Monitoring the security community for new threads and issues
  • Suggesting and implementing changes in infrastructure, working with backend and frontend developers
  • Oversee initiatives around internal security area
Requirements
  • 2+ years of relevant work experience, including experience in responding to security problems in target-rich environments, looking at security alerts, front-line analysis and response
  • Experience in protecting webapp against the OWASP top 10.
  • Experience with building secure products on at least one of public clouds (AWS prefered)
  • Expertise with operating systems (Linux), database, and networking stack (TCP/IP, HTTP)
  • Enthusiasm for the constant fight to ensure security and privacy
  • Programming skills in high level language (e.g. Python / Go / Java)
  • Experience defining security policies, controls and requirements
  • Fluent english
Nice to have
  • Experience with thread modelling, signal development and end-to-end security management
  • Experience with applied cryptography and security protocols
  • Experience with attacks and mitigation methods
  • Experience with intrusion detection systems