от компании (организации): Insolar в городе (населённом пункте): Москва, Россия
в отрасли экономики "Информационные технологии, интернет, телеком" → "Компьютерная безопасность"
с заработной платой: от 200000 до 420000 руб.
Вакансия № 10294132 добавлена в базу данных сайта Работа в Москве и Московской области (МО, Подмосковье): Суббота, 3 августа 2024 года.
Дата обновления вакансии № 10294132 на сайте Работа в Москве и Московской области (МО, Подмосковье): Понедельник, 23 сентября 2024 года.
Обращаем Ваше внимание, что на момент обращения к работодателю вакансия № 10294132 может быть уже занята. Администрация сайта Работа в Москве и Московской области (МО, Подмосковье) приносит извинения за доставленные неудобства.
Требования к опыту работы:
более 6 лет
Тип занятости:
полная занятость
График работы:
полный день
Дополнительные сведения о вакансии: Application Security Officer
THE ROLE
We are looking for a person who will be responsible for increasing Security Awareness of Insolar Blockchain Platform and making our products more robust and secure. This challenging goal includes lots of activities: advocating a consistent approach to Security through the whole SDLC for both Customer and Development Team, tracking and helping all Security-related activities, diving deep into project details, creation of security-related artifacts, contributing to Security Testing, etc. We expect that you are strong at software and application security, experienced in reviewing the design and source code and penetration testing and have good command in developing and improving the security process and new security functionality
RESPONSIBILITIES
- Establish the Secure Design (Threat Model) for development projects
- Review the Application Security Source Code for all products and platforms
- Act as our liaison in all 3rd-party Application Security Penetration Testing
- Lead in preparation of vulnerability response process, impact assessments and remediation plans
- Actively propose the design and code changes to meet product security objectives and remedy security findings
- Perform Security Audits for projects: both Architecture and Implementation/Code Review
- Analyze and identify security vulnerabilities in existing and new functionality in the Platform and applications, including execution and storage layers and data exchange procedures
- Implement SDLC process
- Build/deploy/maintain security controls, instrumentation and infrastructure for detecting weak points
IDEAL CANDIATE
- Understanding of Threat Models
- Practical knowledge of pentest and vulnerability scanning toolset
- Practical understanding of all common types of attacks
- Ability to use the tools to perform actual attacks is a plus
- Practical knowledge of at least one Security Development methodologies
- Knowledge of main Security-related activities in development such as Risk and Privacy Assessment, Threat Modeling, Security Code Review
- Understanding of main security principles, such as multi-layered protection (Defense in Depth)
- Understanding of main areas of protection (Security, Privacy, Availability) and levels of defense (networking, infrastructure, OS, Application)
- Understanding of mitigation mechanisms for every type of threats (e.g. validation, sanitizing, crypto-operations, etc)
- Understanding of basic principles of infrastructure security and penetration testing
- Experience with Docker security and threat modeling systems (STRIDE, Attack Trees, etc)
- Understanding of main cryptographic concepts and techniques: secret and public-key cryptography, trust models, widely used algorithms and protocols (DES, AES, RSA, TLS, elliptic curve cryptography and others). Familiarity with key management infrastructure.
ABOUT INSOLAR
Insolar combines pragmatic, real-world business experience with some of the best technology talent in the distributed ledger space. We have 70 people in Europe and North America, including 50-strong R&D team.
We are passionate about transforming the world with advanced technologies. We believe our solutions will make the world more efficient, transparent and connected.
OUR PRINCIPLES
Many companies have value statements, but often these written values or principles are vague and ignored. The real principles of a firm are shown by who gets rewarded or let go. Below are our real principles, the specific behaviors and skills we care about most.
Customer Obsession
- We start with the customer and work backwards
- We work vigorously to earn and keep customer trust
- We pay attention to competitors, but are obsessed over customers
Deliver Results
- We focus on key inputs for business and deliver them with the right quality and in a timely fashion
- Despite setbacks, we rise to the occasion and never settle
Highest Standards
- We relentlessly maintain high standards even if many people may think these standards are unreasonably high
- We continually raise the bar and drive our team to deliver high quality products, services and processes
- We ask question about actions inconsistent with our principles
- We are critical of the status quo
- We ensure that defects do not get sent down the line and that problems are fixed so they stay fixed
Radical Transparency
We say what we think to our colleagues when it is in the best interest of the company, even if it is uncomfortable to do so
Ownership
- We act on behalf of the entire company and seek what is best for the company
- We think long term and don’t sacrifice long-term value for short-term results
- We never say “that’s not my job” and always help colleagues
Think Big
- We create and communicate a bold direction that inspires results
- We think differently and from a new perspective
Invent
- We expect and require innovation and invention from our team and ourselves
- Learn and Be Curious
- We are externally aware and look for new ideas everywhere
- We never finish learning and always seek to improve ourselves
Hire and Develop the Best
- We raise the performance bar with every hire and promotion
- We recognize exceptional talent, and willingly move those talented people throughout the organization
- We take seriously our role in coaching others
Lean
We accomplish more with less because constraints breed resourcefulness, self-sufficiency and invention
One Team
- We help each other to succeed
- We nurture and embrace differing perspectives to make better decisions
Откликнуться на эту вакансию: Application Security Officer
Предыдущая вакансия:
Вакансия № 10294131 на должность Key Account Manager от компании ManpowerGroup в городе (населенном пункте) Москва