Get My Score

Cavirin Systems, Inc.

Job Description: 

As a member of the Information Security team, you'll work with software engineers to improve the security of Cavirin products across the development lifecycle. You'll get to apply your breaker skills, pentesting Cavirin product, and sharpen your builder skills, working to automate security assessments and shape software architecture.

This email address is being protected from spambots. You need JavaScript enabled to view it.


Core Responsibilities

  • Perform deep-dive penetration tests of Cavirin on-premise and cloud platform
  • Plan, build and deploy infrastructure to help catch vulnerabilities automatically
  • Assist engineering teams in feature design, threat modeling, and security-critical code review
  • Coordinate external vendors providing 3rd party security reviews
  • Perform code reviews, static code analysis, and dynamic application scans
  • Analyze impact and exposure to emerging security threats, vulnerabilities, and risks
  • Help deploy security solutions in Agile methodology, with continuous delivery processes

What We Value

  • Ability to communicate technical security concepts to diverse audiences, both verbally and in writing.
  • Deep expertise with application test methodologies and tooling (eg. Burp).
  • Strong familiarity with OWASP Top 10 web vulnerabilities and how to engineer software to avoid them.
  • Working knowledge of at least one of Java or Python
  • Experience applying static and/or dynamic analysis in application testing.
  • Ability to evaluate cryptography choice and implementation.
  • Passion for automating application security testing and the strengths/weaknesses of test automation.

Qualifications 

  • In-depth knowledge and expertise in Application Security as a part of Product Development
  • At least 5 years of related hands-on security product development experience (Java, Python, JS minimally) with web applications
  • Strong working knowledge of static and dynamic scanning tools
  • Knowledge of other technologies like PHP, Node.js, and content management systems is a plus
  • Ability to conduct web security assessments and handle vulnerability remediation of applications and web services
  • OSCP, CASS, CCSLP, GIAC Certified Web Application Defenders (GWEB) certifications is a big plus
  • Strong knowledge of common networking configurations, load balancing, firewalls, and security controls in the cloud is a plus
  • Excellent teamwork, communication, and customer facing skills

Send resume to This email address is being protected from spambots. You need JavaScript enabled to view it.

0
0
0
s2sdefault

© 2018 Cavirin Systems, Inc. All rights reserved.