Senior Security Engineer

🕒 il y a 2 mois

Postuler Maintenant

Trouver des Emplois à Distance Similaires

Recevoir des emails pour des emplois à distance

📊 Vérifiez votre score de CV pour ce poste

Améliorez vos chances d'obtenir un entretien en vérifiant votre score de CV avant de postuler.

Télécharger le CV

Bitwarden

Site WebLinkedInTous les Emplois

51 - 200 employés

Fondée en 2016

🔒 Cybersecurity

☁️ SaaS

🏢 Entreprise

Cybersecurity • SaaS • Enterprise

Bitwarden est un gestionnaire de mots de passe de confiance qui fournit des solutions numériques sécurisées pour les particuliers, les familles et les entreprises. Il propose des outils pour stocker, gérer et partager en toute sécurité des données sensibles en ligne, telles que les mots de passe, les passkeys et les cartes bancaires, en s'appuyant sur une technologie zero-knowledge et un chiffrement de bout en bout. Les services Bitwarden incluent des fonctionnalités de sécurité de niveau entreprise, comme le secrets management pour les équipes de développement, DevOps et IT, ainsi que des fonctionnalités d'authentification passwordless. La plateforme offre un accès multiplateforme, est open source et respecte des normes de conformité strictes, notamment le RGPD, SOC 2 et HIPAA.

Description

• Research emerging threats across the surface web, dark web, and deep web • Build threat models, conduct threat hunts, and plan and execute purple team engagements • Coordinate internal red team testing operations that emulate a threat actor • Collaborate with application development teams, platform engineers, and Security Operations Center (SOC) engineers to improve our offensive and defensive security controls • Contribute to vulnerability testing and analysis as well as incident response and analysis • Include testing for web, mobile, CLI, and desktop application security issues across our multi-product portfolio, including Bitwarden Password Manager, Secrets Manager, and Passwordless.dev, our APIs, serverless functions, and database • Participate in code reviews, learning and spreading technical knowledge about security posture • Contribute to resolutions for security-related issues • Coordinate technical validation and leadership review of purple team reports detailing testing results and potential areas of improvement • Conduct internal penetration tests on systems and networks to determine realistic threat vectors • Manage software tools for code scanning, vulnerability identification, and finding reporting • Effectively communicate findings, attack paths, and recommendations to stakeholders • Train others on the adversary simulation tactics and procedures used • Stay informed on current security trends, publications, and advisories • Assist to provide guidance and subject matter expertise as it pertains to all areas of security and technical operations, including analysis of our cloud environments, security testing and documentation, as well as investigations, software research, new technology, services and tools research, and vendor security analysis

🎯 Exigences

• Experience with Penetration Testing Tools, such as Burp Suite, NMAP, Nessus, Metasploit, Kali Linux, SQLMap, Owasp ZAP, and manual testing tools • In-depth knowledge of leading vulnerability management tools and strategies • In-depth understanding and usage of application security testing technologies is a plus • Understanding of authentication concepts, including OpenIDConnect, SAML, OAuth, and SSO flows • Strong working knowledge of vulnerability management tools, data and network security technologies • Collaborative and adaptable mindset • Openness and authenticity combined with excellent communication skills • Excitement and enthusiasm for open source and for better internet security • Excellent problem-solving skills – you might not know all the answers, but you know how to find and communicate the solution • Ability to maintain discretion, handle sensitive information, and maintain security best-practices • Security purple team technocrat at heart, staying current with trends and new technologies

🏖️ Avantages

• Competitive salary • Dedicated to building a diverse and talented team • Learn and grow professionally • Work remotely with motivated and supportive team members across the world