Join our companies in their quest to drive powerful, positive, change that endures.

Application Security Engineer

inDrive

inDrive

Astana0, Kazakhstan
Posted on Monday, April 22, 2024

Senior Application Security Engineer

Kazakhstan, Astana

  • Hybrid
  • Full-time
  • Junior

We are looking for an Application Security Engineer in the AppSec team.

AppSec provide the following services: Consulting development teams on security issues, Security audit of service architecture, Security audit of service implementation, Automatic search for vulnerabilities using SCA, SAST, DAST, secret scan tools, Support of the Bug Bounty program, Conducting awareness events: Secure development course, phishing simulations, Capture The Flag competitions

Responsibilities

  • Conducting web application audits
  • Processing the results of automatic scans of source code (secrets, vulnerable dependencies, SAST, DAST)
  • Interaction with development teams to fix vulnerabilities
  • Conducting awareness activities
  • Reproducing vulnerabilities obtained from the BugBounty platform, creating regress tests

Qualifications

  • Having a higher education in IT, ideally information security
  • Knowledge of at least one high-level programming language, ideally Golang
  • Experience in IT from 1 year
  • Basic skills in working with operating systems and databases
  • Basic understanding of OWASP Top 10 vulnerabilities
  • Ability to learn quickly

Conditions & Benefits

  • Stable salary, official employment
  • Health insurance
  • Hybrid work mode and flexile schedule
  • Relocation package offered for candidates from other regions
  • Access to professional counseling services including psychological, financial, and legal support
  • Discount club membership
  • Diverse internal training programs
  • Partially or fully payed additional training courses
  • All necessary work equipment