Yerevan, Yerevan, Armenia Remote (Global) Full-time

CloudLinux is hiring a Lead Application Security Engineer / DevSecOps Engineer (worldwide remote)

About the Role

CloudLinux is looking for a Lead Application Security Engineer / DevSecOps Engineer to enhance the security of our software products and champion security practices throughout the development lifecycle.

What You'll Do

Perform comprehensive security reviews of the company's external services.
Design and implement recommendations for security hardening.
Participate in all steps of the SDLC as a security engineer.
Design and review new features to implement the Security by Design principle.
Call attention to risks and drive actions to address them to protect users.

What We're Looking For

Deep technical knowledge and understanding of security, including web applications security (backend and frontend), penetration testing, and modern security mechanisms.
At least 3 years of experience assessing the security of Web applications and Binary applications.
Deep understanding of modern web technologies (OAuth, JWT, CORS, CSP, SOP, SameSite, etc.) and architectures.
Relevant education or a robust understanding of information security and IT fundamentals.
Experience coding/scripting in one or more general-purpose languages.
Deep understanding of Linux architecture and its security stack.
Experience with binary vulnerabilities and exploitation.
Upper-intermediate level of English proficiency or higher.

Nice to Have

Experience exploiting vulnerabilities found in code.
Experience with code audits and code audit automation.
Experience architecting, developing, or maintaining secure cloud solutions.
Experience reviewing Docker/Kubernetes architectures.
Successful CTF or Bug Bounty participation will be a major plus.
Relevant certificates (OSCP, AWAE, CREST, GPEN) will be a major plus.

Technical Stack

Linux
Docker
Kubernetes

Benefits & Compensation

A focus on professional development and a budget for education.
Interesting and challenging projects.
Fully remote work with flexible hours; work from any location worldwide.
Paid 24 days of vacation per year, 10 days of national holidays, and unlimited sick leave.
Compensation for private medical insurance.
Co-working and gym/sports reimbursement.
The opportunity to receive a reward for the most innovative idea the company can patent.

Work Mode

This is a fully remote position open to candidates worldwide, with flexible working hours.

CloudLinux is an equal opportunity employer.

Required Skills

LinuxDockerKubernetesApplication SecurityDevSecOpsSecurity EngineeringCloud SecuritySecurity AutomationCI/CDScriptingVulnerability ManagementThreat ModelingSecurity TestingCompliance

Your first international client?

Don't lose them over invoicing

Clients ghost freelancers with unprofessional invoicing. Glopay gives you a real EU company partnership so they take you seriously from invoice #1.

Instant EU company partnership

Invoice builder with your branding

Automated payment reminders

Real-time payment tracking

Get EU company now

Ready in 24 hours

About company

TuxCare is a subsidiary of CloudLinux Inc., the maker of the #1 OS in security and stability for hosting providers. It offers a portfolio of security solutions for Linux and open-source software aimed at enterprise organizations.

Visit website

Job Details

Category security

Posted 3 months ago