Security Engineer

Lahore

Applications have closed
Sendoso logo

Sendoso

Find more jobs like this

Who We Are:
Sendoso is where you go to build something bigger than yourself. We’re a Series C company with $152M in venture capital funding with more than 800+ customers and 20,000 active users, and multiple revenue streams. Our company is on an unprecedented growth trajectory and we’re looking for people who want to do great things. 
Sendoso is the leading Sending Platform that delivers modern direct mail, personalized gifts, eGifts, and other Physical Impressions™ at scale. This makes it possible to build stronger, deeper, and more trusted relationships that move everything up and to the right! Our award-winning Sending Platform connects online and offline experiences via cloud software, automation, and real-world logistics—a feat that few companies have achieved.
Our mission statement is to help companies rise above the noise by eradicating spam and elevating relationships. Our goal is to enable businesses everywhere to make more human connections in a digital world.

What we're building:
We're at the exciting inflection point that all startups strive to reach - where we've built a product that our customers use to drive more successful outcomes in their ability to connect and engage with their audiences.   Our platform has proven value, we've achieved product-market fit.    
Our goals as a technology organization now turn to those of scale.   To build a sending platform that meets the needs of an expanding user base, both in the number of transactions we're processing and in the geographic areas we serve.
Our solution is deep.  We're a fulfillment platform that automates sending from product recommendations, order processing all the way down to individuals working in our warehouses.   We transact millions of dollars per day for both physical and digital sending through a robust marketplace.   This marketplace leverages data science and machine learning to provide an intelligent experience to suggest the most effective items to send to individuals that will produce the desired outcome.
Our technology vision is also exciting.   We're currently migrating from a monolithic application to a distributed service approach using an event sourcing architecture.   We're actively decomposing our monolith into microservices and providing next-generation experiences through the composition of micro frontends.   We employ a modern software stack consisting of AWS, Kubernetes, Docker, Ruby on Rails, GraphQL, & Vue.js.  
About your role: 
You'll join our rapidly growing technology team as a Security Engineer.  You'll work closely with product and engineering teams to break down product security requirements into successful implementation of plans and help see them through to execution.
You'll also have the opportunity to propose and adopt new technologies, methods, and processes that make us more effective as a technology organization.    

What You’ll Do:

  • Experience with anti-virus software, intrusion detection, firewalls and content filtering
  • Knowledge of risk assessment tools, technologies and methods
  • Experience designing secure networks, systems and application architectures
  • Experience in email security
  • Knowledge of disaster recovery, computer forensic tools, technologies and methods
  • Experience in planning, researching and developing security policies, standards and procedures
  • Ability to communicate network security issues to peers and management
  • Strong time management and organizational skills
  • Exposure to Linux(Kali), coding languages(Python) and Networks
  • Experience to pass GDPR and ISO27001 is a plus
  • Certification in any one of the following is a plus: Certified Information Systems Security Professional (CISSP) or Global Information Assurance Certification (GIAC) or Certified Information Systems AUditor (CISA) or Certified Information Security Manager (CISM)

You will be responsible for:

  • Implement Protection: Install and use software such as firewalls and data encryption programs, to protect the organization’s sensitive information.
  • Examine vulnerabilities: Conduct daily, weekly and monthly scans of networks to find any vulnerabilities. Also, conduct penetration testing in which you simulate an attack on the system to highlight or find any weakness that might be exploited by a malicious party
  • Monitor for Security Breaches: You will constantly monitor the organization’s networks and systems for security breaches or intrusions. Also, suggest/install software that helps to notify us of intrusions and watch out for irregular system behaviour
  • Investigate Security Breaches: If a breach has occurred, you will be part of incident response activities to minimize the impact. Afterward, document a technical and forensic investigation into how the breach happened and the extent of the damage. You will prepare reports of your findings to be reported to management
  • Documentation and Standardization: You will be responsible for writing standard documentation, reviewing vendor documents, and answering security questions

What you’ll need to be successful

  • Expertise in performing Penetration Testing & Vulnerability Assessment
  • Incident response and monitoring
  • Should have experience working with IPS and IDS
  • Proficient in rolling and implementing Compliance Operations 
  • Familiarity with the common threats of DDOS, phishing, and their mitigations
  • Comfortable working with technologies including Ruby on Rails, VueJS, Mysql/Postgres
  • Proficiency using Kali Linux
  • Burp Suite, OWASP ZAP proxy, or any other debugging tool
  • Proficient In performing audits of OWASP Top 10 issues
  • Proficiency in writing and debugging python and bash scripts
  • Excellent communication skills
  • Enthusiast and willing to work independently
  • Even better if Offensive Security Certified Professional (OSCP)SOC Analyst / CISSP / CISASDLC Security Knowledge

What You'll Love:

  • Comprehensive Medical Plan - we've got you covered
  • Everyday Lunch Service - free of cost
  • 21 Days Off - per calendar year
  • Lucrative Annual Increments - performance-based
  • Sendoso Library - read all you can
  • A learning Culture - support in training/certifications, attending seminars/webinars (both int. & domestic)
  • Yearly Trip to the North - 3 to 4 nights
  • Work Equipment - Macbook, internet device & welcome pack
  • Celebration of events & festivals - Birthdays & other cultural events
  • Evening Sports - cricket, badminton, ping-pong, arcade & board games
  • Provident FundSendoso Stock Shares
Sendoso is an Equal Opportunity Employer: we value diversity. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Job region(s): Asia/Pacific
Job stats:  13  1  0

Explore more Information Security career opportunities