What You Will Do

  • Perform threat modeling and secure design reviews for Bykea’s infrastructure and applications to implement secure-by-default solutions.
  • Design and implement security solutions to automate the detection and remediation of infrastructure security issues.
  • Build out automated/scalable "shift left" approaches to code security including SAST/DAST within code pipelines
  • Perform dynamic application security testing (DAST).
  • Perform static analysis (SAST) of the micro-services and Mobile applications codebase.
  • Discover, prioritize, and remediate technical risks on features, products, and infrastructure.
  • Develop and own best practices for application security, development, and deployment (CI/CD).
  • Identify and assess vulnerabilities stemming from third party dependencies.
  • Triage and remediate vulnerabilities reported to the security team as well
  • Educate and evangelize security engineering throughout the organization

About You

  • Hands-on security experience with a passion for everything security related with a proven record of delivering a security impact.
  • Proven proficiency in scripting and/or software development (Javascript, Python preferred)
  • Experience deploying/integrating with CI/CD and configuring SAST/DAST tooling.
  • Infrastructure level experience with AWS, Kubernetes and Terraform/Cloud Formation
  • Experience with industry standard threat models and security tooling.
  • Deep understanding of web security, TLS/SSL, web authentication and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).
  • Experience with mobile applications, web applications, and micro service architecture and their security issues.
  • Proven track record securing highly available and highly scalable systems.
  • Familiarity with one or more cloud vendor services and management tools (AWS, GCP).
  • Team player who can get along with others both inside and outside the company.
  • Certifications like OSCP, AWS Security Specialty are also a plus.