Application security analyst (Banking Team)

About team

We are Quadcode, a company that develops a SaaS trading platform for clients around the world.

Every business is unique, and our banking solution is designed to meet the specific needs of various customer categories. Amaiz is a business account app that is transforming companies and the self-employed across every sector in the UK. Our customers benefit from UK current accounts with customer care, accountancy integration, and smart bookkeeping tools that help them take control of their finances without the hassle.

Now we are looking for Application security analyst in the Banking Team.

This position can be based in any of the following countries: Armenia, Azerbaijan, Belarus, Bulgaria, Georgia, Greece, Hungary, Kazakhstan, Kyrgyzstan, Latvia, Moldova, Romania, Serbia.

Tasks in the role

• Tasks within the SDLC process: analysis of analyzer results, rule refinement, evaluation of their effectiveness;
• Source code analysis of applications in Java;
• Conducting internal penetration tests;
• Diving into the workings of containerized applications, understanding their implementations;
• Preparing recommendations for identified vulnerabilities, taking into account the specifics of the technological stack and implementations.

Requirements

• Experience with DAST (AFL, Fuzzing, Burp), including creating custom “farms”;
• Experience in conducting pentests for virtualized infrastructure;
• Experience in analyzing mobile applications;
• Programming skills in Java;
• Experience with k8s, Docker;
• Experience with traffic analyzers (Wireshark, etc.);
• Experience in automating routine security processes;
• Understanding of modern software development processes and practices: Agile, SDLC, DevOps, CI/CD;
• Competent written and verbal communication skills (English B1, Russian B2+).
  

Would be an advantage

• Successful participation in Bug Bounty programs;
• CTF experience;
• Familiarity with OWASP Testing Guide, OWASP Code Review Guide, OWASP Secure Coding Practices;
• Experience working with and supporting HashiCorp Vault;

Experience with network vulnerability scanners (Nessus, XSpider, MaxPatrol, etc.).

We offer

• Remote collaboration from your location;
  
• Competitive remuneration;
  
• Professional courses: from Coursera to Harvard;
• Friendly, enjoyable and positive environment.

Ready to be part of a financial revolution? Join us today and be a part of a team that's making banking easier and more efficient for businesses and self-employed individuals. Your journey starts here with Amaiz!

Note: All applications will be treated with strict confidence. We thank all applicants for their interest, however only those candidates selected for interviews will be contacted.

#LI-DG1 #LI-Remote