Security Engineer

Job Purpose

Responsible for developing Instabug’s security program including analyzing software designs and implementations from a security perspective, identifying and prioritizing security issues. Also include the appropriate security analysis, defenses and countermeasures for our applications and infrastructure.

Job Responsibilities

Product and Infrastructure Security

• Work closely with the product and engineering teams to review new features and suggest new ones.
• Drive S-SDLC in our cycles and review security acceptance criteria and threat modeling.
• Guide and train the team to cover security checks and security best practices.
• Perform pre- and post-deployment security tests.
• Work closely with the DevOps and platform teams to identify security issues through red teaming activities.
• Define, implement, and monitor infrastructure security measures.
• Assess security tools and integrate tools as needed.

Incident Response & Research

• Follow new security news, trends, tools, and incidents and drive needed changes.
• Support in managing our Bug-bounty program and security channels.
• Conduct vulnerability research against Instabug assets.
• Work on understanding and improving our security logging and monitoring solutions.
• Coordinate company-wide response to security incidents till remediation.
• Vulnerability management for production/testing environments

Requirements

• Bachelor’s degree in Computer Engineering, Computer Science, or equivalent discipline.
• 2+ years of relevant experience.
• Familiar with any of the following: Nessus, MetaSploit, Burp Suite, Kali, NMap, Fortify, Acunetix.
• A good understanding of Linux & Cloud infrastructure like AWS & GCP.
• Application and/or infrastructure penetration testing experience above and beyond running automated tools.