Bugcrowd
Bugcrowd is the world’s #1 crowdsourced security company. Our award-winning platform combines actionable, contextual intelligence with the skill and experience of the world’s most elite hackers to help leading organizations solve security challenges, protect customers, and make the digitally connected world a safer place.
A successful candidate will be passionate about security and be hungry to learn more, while adapting to a constantly changing environment.
Description
The Junior Security Engineer’s role is to aid the security efforts of Bugcrowd, while proactively making changes to further improve our security posture. To achieve this goal, we require a motivated team who are willing to push their own boundaries and step out of their comfort zones. You will be challenged on a regular basis, especially because you are the last line of defence for one of the largest crowdsourced security platforms! The Junior Security Engineer will receive mentoring from multiple senior security professionals and will work closely with these professionals on a daily basis.
Responsibilities
- Security Architecture – Working with developers to uplift the current security controls and architecting solutions
- Risk Management – Assess the risk behind security issues, track core metrics
- Pen Testing / Red Team – Performing penetration tests and red teams of Bugcrowd assets (and vendors)
- Operations / Incident Response – Aid with the process of Incident Response, security operational activities when required
Position Requirements
- Familiarity with Pentesting techniques
- Knowledge of OWASP Top 10
- Basic knowledge of Incident Response
- Knowledge of threat intelligence
- Ability to understand a vulnerability and work with developers to patch it
- Scripting knowledge of at least one of: Python, JavaScript, Ruby
- Great communicator who is comfortable communicating across multiple teams
- Self motivated and organised – must be able to operate from a calendar and be punctual
- Some cloud experience (AWS preferred)
- Basic understanding of Identity and Access Management (IAM)
- Ability to figure things out themselves (look at configurations, learn what they mean, and solve problems)
- Has the desire to be self-sufficient and strives towards it
- Basic red team knowledge
- Familiarity with git and pull requests is a must
- Familiarity with a ticketing system / issue tracking system is a must (e.g: Jira)
Formal Education
The Junior Security Engineer will have a bachelor’s degree / certifications (or equivalent) and 2 years of experience in a similar role or its equivalent.
