Application Security Engineer

May 9

Apply Now

Receive Emails with Similar Jobs

CubiCasa

WebsiteLinkedInAll Job Openings

CubiCasa is a leading company that provides easy-to-use mobile applications for creating 2D and 3D floor plans. With a focus on the real estate market, CubiCasa allows users to generate accurate floor plans in just five minutes using only a smartphone. The platform offers various output formats and additional features, such as appraisal-ready reports, which are compliant with industry standards. CubiCasa aims to streamline property marketing for photographers, agents, and appraisers, enhancing the efficiency and effectiveness of real estate listings.

Floor plans • Visualization • Real Estate • Content Platform • Virtual Reality

51 - 200 employees

Founded 2014

🏠 Real Estate

🛍️ eCommerce

☁️ SaaS

💰 $325k Seed Round on 2019-06

📋 Description

• As an Application Security Engineer, you will perform application security testing on web applications, mobile applications, microservices, infrastructure code, and open source code in order to expose weaknesses in their design and/or configuration that make them susceptible to exploitation. • You will work closely with development teams, product managers, and other members of the information security team to assess risks, conduct security reviews, and recommend steps for the remediation of identified vulnerabilities. • You will educate development engineers on secure coding practices and contribute to overall application security awareness.

🎯 Requirements

• 3-5 years of proven experience in application security testing, including Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), Open Source Security (OSS) testing, Software Composition Analysis (SCA) • Bachelor’s Degree, ideally in a technically related field (Computer Science, Information Technology, Software Engineering), or equivalent work experience • Relevant certifications: EC-Council Certified Application Security Engineer (C|ASE), GIAC Certified Web Application Defender (GWEB), (ISC)2 Certified Secure Software Lifecycle Professional (CSSLP) • Experience testing web applications for OWASP Top Ten security vulnerabilities • A thorough understanding of the Software Development Life Cycle (SDLC) • Experience in promoting and implementing secure coding practices, and providing training and education to development teams on secure development practices • Strong verbal and written communication skills with the ability to clearly articulate technical concepts to both technical and non-technical audiences • Attention to detail, to plan and execute tests that meet all requirements • Ability to prioritize tasks and manage time effectively to meet deadlines • Ethical integrity to be trusted with a high level of confidential information • Ability to collaborate with team members and share knowledge • Exceptional analytical and problem-solving skills and the persistence to apply different techniques to get the job done • Ability to understand the business implications of identified weaknesses • Commitment to continuously update your technical knowledge base

🏖️ Benefits

• Competitive compensation and immediate contribution! • Inclusive benefits package offerings 401k plans and customizable benefits including dental, vision, medical, etc. for you and your dependents. • An innovative culture that understands the importance of quality of work over quantity. • Company-supported and employee-driven ambassador groups that promote diversity, working on a hybrid schedule and philanthropy. • Learning and development programs to help advance your career and personal growth.