CloudLinux is hiring a Lead Application Security Engineer / DevSecOps Engineer to improve the security of our software products and drive best practices across the entire development lifecycle. This is a worldwide remote role.
What You'll Do
- Perform security reviews of the company's external services.
- Design and implement recommendations for security hardening.
- Participate in all steps of the SDLC as a security engineer.
- Design and review new features to implement the Security by Design principle.
- Call attention to risks and drive actions to address those risks to protect users.
What We're Looking For
- Good technical knowledge and deep understanding of security, including web applications security (backend and frontend), penetration testing, and modern security mechanisms.
- At least 3 years of experience assessing the security of Web applications and Binary applications.
- Deep understanding of modern web technologies (OAuth, JWT, CORS, CSP, SOP, SameSite) and architectures.
- Relevant education or a good understanding of information security and information technologies basics.
- Experience coding/scripting in one or more general-purpose languages.
- Deep understanding of Linux architecture and security stack.
- Experience in binary vulnerabilities and exploitation.
- At least an upper-intermediate level of English proficiency.
Nice to Have
- Experience in exploiting vulnerabilities found in the code.
- Experience with code audits and code audit automation.
- Experience in architecting, developing, or maintaining secure cloud solutions.
- Experience in review of Docker/Kubernetes architectures.
- Successful CTF or Bug Bounty participation will be a major plus.
- Relevant certificates (OSCP, AWAE, CREST, GPEN) will be a major plus.
Technical Stack
- Linux
- OAuth, JWT, CORS, CSP, SOP, SameSite
- Docker, Kubernetes
Benefits & Compensation
- A focus on professional development.
- Interesting and challenging projects.
- Fully remote work with flexible working hours, allowing you to schedule your day and work from any location worldwide.
- Paid 24 days of vacation per year, 10 days of national holidays, and unlimited sick leaves.
- Compensation for private medical insurance.
- Co-working and gym/sports reimbursement.
- Budget for education.
- The opportunity to receive a reward for the most innovative idea that the company can patent.
Work Mode
This is a fully remote position open to candidates located worldwide.
CloudLinux is an equal opportunity employer.
