Senior Application Security EngineerWho We AreWillowTree is an award-winning digital product agency driven by innovation and grounded in strategy and user-centered design.
We create long-term partnerships with the world's leading brands to build and design digital flagship products crucial to our clients' business needs.
We're one of the largest independent digital firms in the US and some of our clients include HBO, National Geographic, Hilton, Anheuser-Busch, PepsiCo, and more!Location and FlexibilityThis is a hybrid role.
This model requires the ability to work in a hybrid mode from one of our offices in São Paulo (2 times/week or 8 days/month) or Porto Alegre (3 times/week or 12 days/month).
Our WFN culture is designed to foster in-person innovation, collaboration, and connection with team members local and visiting from other global offices.The OpportunityWillowTree is hiring empathetic, curious engineers to join our growing team.
We work in a fast-paced and energizing atmosphere, helping our clients' ideas come to life by building robust mobile and web applications.
Our Application Security technologies vary by project, so we value flexibility and willingness to learn.
We aim to develop amazing solutions for our clients with best practices for security in mind.ResponsibilitiesAre driven by curiosity and enthusiastic about learning new technologiesAre motivated by solving problems and finding creative solutions by taking the initiativeHave the ability to work under pressure in a fast-paced environmentPay strong attention to detail with an analytical mind and outstanding problem-solving skillsHave a great awareness of cybersecurity trends and hacking techniquesAre eager to participate in the change management processAre comfortable balancing daily administrative tasks, reporting, and communication with the relevant departments in the organizationHave experience with Github Copilot and ActionsQualificationsHave a degree in computer science, IT, systems engineering, and/or related qualification, experience, and/or certifications2-5+ years of professional experience in the application security domainUnderstanding of OWASP Top 10 and OWASP Top 10 MobileHave in-depth experience with many of our core languages: Swift, Java, Kotlin, and/or various versions of JSHave proficiency in Python, Bash, and/or PowerShellExperience working within an application security teamSkilled with mobile-related technologies (such as Mobile operating systems, IoT, Cross-platform tools, Mobile networks, and Mobile communication protocols)Proficient with web-related technologies (Web applications, Web Services, and Service Oriented Architectures), and network/web-related protocolsDetailed technical knowledge of techniques, standards, and state-of-the-art capabilities for authentication, authorization, applied cryptography, security vulnerabilities, and remediationAdvanced English SkillsSkillsExperience with technologies like Snyk, Acunetix, GitHub Actions, and BurpsuiteExperience implementing, testing, and operating advanced application security techniques within an agile environmentExperience with security testing (including troubleshooting/debugging) and code reviewsStaying apprised and implementing the latest secure coding practicesExperience providing or integrating automated tests and tools for the SDLCExperience identifying and proposing solutions to complex web and mobile application risksUnderstand the best practices in various domains of web and mobile application security such as authentication, access control, and data protectionBonus PointsExperience with CI/CD environmentsExperience working in numerous Cloud environments, preferably Azure/AWS/GCPCan safely perform penetration tests against a wide range of environmentsHave a deep interest and curiosity in all aspects of security research and developmentYou've worked with emerging technologies like Machine Learning (Ml) and artificial intelligence (AI)Why Poatek/ WillowTree?In addition to being part of an international and innovative consultancy company, you will have:Flexible hours and autonomyWork with cutting edge technologiesPartner with global and relevant brands in the marketCollaborative team and learning ecosystemInternational travel opportunities (optional)Some of our benefits:Health and dental planLife insuranceMonthly voucher for meals, culture, education, health and mobilityChild care assistance and more!If you love IT as much as we do, we look forward to meeting you!Equality is a principle here at Poatek.
We are committed to building an inclusive team that represents a variety of backgrounds, perspectives, beliefs, and experiences.
Therefore we provide equal employment opportunities to all employees and applicants regardless of race, color, religion, gender identity, sexual orientation, national origin, age, or disability.
#J-18808-Ljbffr