Web Application Security Engineer

Job not on LinkedIn

November 10

Apply Now

Receive Emails with Similar Jobs

CXM Direct

WebsiteLinkedInAll Job Openings

Finance • Fintech

CXM Direct is a global forex and CFD broker offering a wide range of trading instruments including currencies, commodities, indices, energy products, and cryptocurrencies. With advanced trading platforms such as MetaTrader 4 and 5, CXM Direct provides innovative trading solutions tailored to the needs of professional traders. The company offers various account types and services such as leverage policies, instant deposits, and withdrawals, ensuring a seamless trading experience. Regulated in multiple jurisdictions, CXM Direct emphasizes safety and sophistication in trading, positioning itself as a pioneer in the online trading environment.

51 - 200 employees

Founded 2015

💸 Finance

💳 Fintech

📋 Description

• Conduct comprehensive security assessments of web applications and SD-WAN network infrastructure. • Identify vulnerabilities through manual testing techniques and automated scanning tools. • Monitor security events, analyze logs from WAF and proxy infrastructure, and respond to security incidents. • Design and execute purple team exercises that test detection capabilities and defensive controls. • Develop automation scripts and tools to streamline security tasks and enhance efficiency.

🎯 Requirements

• Education Bachelor's degree in Computer Science, Information Security, Cybersecurity, or related technical field; or equivalent practical experience • ExperienceMinimum 3-5 years of hands-on experience in web application penetration testing and security assessment • Technical Skills Deep understanding of OWASP Top 10 vulnerabilities, common web application attack vectors, and remediation strategies • Network Security Practical experience with SD-WAN technologies, forward proxies, reverse proxies (Nginx, HAProxy, Apache), and load balancers • Security Tools Proficiency with Burp Suite Professional, OWASP ZAP, Nmap, Metasploit, and vulnerability scanning platforms • Programming Strong scripting abilities in Python, Bash, or PowerShell; familiarity with JavaScript, PHP, Java, or .NET for code review • Blue Team Skills Experience with SIEM platforms, log analysis, incident response procedures, and threat hunting methodologiesWAF/IPS • Hands-on experience configuring and tuning web application firewalls and deep packet inspections • Preferred QualificationsExperience with cloud security, particularly in AWS, Azure, and alternative cloud environments, is beneficial given the hybrid nature of modern infrastructure. Familiarity with container security (Docker, Kubernetes), API security testing (REST, GraphQL, SOAP), and mobile application security adds significant value to this role. • Previous experience in a purple team capacity, or demonstrated ability to work effectively across offensive and defensive security functions, is strongly preferred. Excellent written and verbal communication skills are essential, as you will be producing detailed security reports, presenting findings to technical and non-technical audiences, and collaborating with diverse stakeholders.

🏖️ Benefits

• Competitive Compensation • Medical • Gym Allowance • Company Events • Personal Growth