Bugcrowd is the world’s #1 crowdsourced security company. Our award-winning platform combines actionable, contextual intelligence with the skill and experience of the world’s most elite hackers to help leading organizations solve security challenges, protect customers, and make the digitally connected world a safer place.
A successful candidate will be passionate about security and be hungry to learn more, while adapting to a constantly changing environment.
Description
The Junior Security Engineer’s role is to aid the security efforts of Bugcrowd, while proactively making changes to further improve our security posture. To achieve this goal, we require a motivated team who are willing to push their own boundaries and step out of their comfort zones. You will be challenged on a regular basis, especially because you are the last line of defence for one of the largest crowdsourced security platforms! The Junior Security Engineer will receive mentoring from multiple senior security professionals and will work closely with these professionals on a daily basis.
Responsibilities
Security Architecture - Working with developers to uplift the current security controls and architecting solutions
Risk Management - Assess the risk behind security issues, track core metrics
Pen Testing / Red Team - Performing penetration tests and red teams of Bugcrowd assets (and vendors)
Operations / Incident Response - Aid with the process of Incident Response, security operational activities when required
Position Requirements
Familiarity with Pentesting techniques
Knowledge of OWASP Top 10
Basic knowledge of Incident Response
Knowledge of threat intelligence
Ability to understand a vulnerability and work with developers to patch it
Scripting knowledge of at least one of: Python, JavaScript, Ruby
Great communicator who is comfortable communicating across multiple teams
Self motivated and organised - must be able to operate from a calendar and be punctual
Some cloud experience (AWS preferred)
Basic understanding of Identity and Access Management (IAM)
Ability to figure things out themselves (look at configurations, learn what they mean, and solve problems)
Has the desire to be self-sufficient and strives towards it
Basic red team knowledge
Familiarity with git and pull requests is a must
Familiarity with a ticketing system / issue tracking system is a must (e.g: Jira)
Formal Education
The Junior Security Engineer will have a bachelor’s degree / certifications (or equivalent) and 2 years of experience in a similar role or its equivalent.