Acronis
Acronis is a global leader in cyber protection that seamlessly integrates data protection, cybersecurity, and endpoint management for Managed Service Providers (MSPs). Offering solutions such as backup, disaster recovery, and advanced endpoint detection and response, Acronis ensures comprehensive security for various workloads across multiple platforms. With a commitment to protecting clients against modern threats, Acronis provides a robust cybersecurity framework that incorporates data governance and compliance, making it a trusted choice for businesses seeking reliable IT management solutions.
backup • software • data protection • virtualization • cloud
Senior Application Security Engineer
May 11
Acronis
Acronis is a global leader in cyber protection that seamlessly integrates data protection, cybersecurity, and endpoint management for Managed Service Providers (MSPs). Offering solutions such as backup, disaster recovery, and advanced endpoint detection and response, Acronis ensures comprehensive security for various workloads across multiple platforms. With a commitment to protecting clients against modern threats, Acronis provides a robust cybersecurity framework that incorporates data governance and compliance, making it a trusted choice for businesses seeking reliable IT management solutions.
backup • software • data protection • virtualization • cloud
📋 Description
• Acronis is revolutionizing cyber protection • We are looking for a Senior Application Security Engineer • The application security team works to make Acronis applications more secure • You will find security bugs before bad guys do it • Together with the development team, you'll change development processes and practices • You will monitor the attacks and respond to them • You will create novel solutions to detect and advanced approaches to protect applications. • Threat modeling: Think about how attackers can compromise a system and what protections are needed against them • Secure Software Development Lifecycle: Help developers write secure code that minimizes vulnerabilities by implementing secure coding standards, techniques, and best practices • Security code reviews: Identify security vulnerabilities in source code before an application is deployed to production • Vulnerability testing and analysis: Discover weaknesses once an application is deployed and advise development teams on remediation • Conduct security assessments for software components developed in the company. • Validate external security reports and bug bounty submissions. • Take part in the SLDC process development and implementation. • Conduct post-mortem reviews of application security bugs. • Consult engineers on application security matters, train them on secure development practices.
🎯 Requirements
• 2+ years in Application Security • Strong knowledge of the modern web, mobile, and network security • Hands on experience with security assessment tools and attack techniques • Published security research, open source tools, blog posts, proven history of bug bounty programs participation considered a strong advantage. • Understanding of security models of Web/REST API, cloud, mobile and desktop apps. • Code assessments in programming languages Go, Python, Ruby, C/C++, JavaScript. • Basic programming skills with Go, Python or another language will come handy. • Strong communication skills. • Be ready to write a simple exploit or a few lines of code that allows checking some kind of attacking vector. • Be ready to answer in an interview the following questions: What is the Same Origin Policy? Share your knowledge about Cross-site scripting contexts Describe any attack like SQL injection, XXE, SSRF, or any other. Suggest right fixes and possible bypasses (Windows Security) Your opinion about LPE from Admin to the System user How to count possible compromised accounts?
Apply Now