security engineer
генерация резюме под вакансию
сопроводительное письмо
описание
Social Discovery Group operates a global portfolio of social entertainment platforms designed to connect people across different cultures. The company develops products that facilitate virtual interaction and address social isolation, maintaining a presence in over 150 countries with a diverse team of professionals.
задачи
- Improve and maintain perimeter and network-layer defenses including WAF, Rate Limiting, Anti-bot, and DDoS mitigation;
- Secure product APIs against abuse and anomalous traffic;
- Strengthen authentication, authorization, and access control at the product level;
- Run the Vulnerability Management process including identification, prioritization, and remediation tracking;
- Coordinate external pentests and drive remediation of findings;
- Lead Incident Response for product security incidents;
- Build detection and response processes in collaboration with the monitoring team;
- Contribute to Fraud & Trust and Safety initiatives;
- Protect customer data at the product level through access control, encryption, and masking;
- Run the Security Champions program to train product teams on secure development;
- Manage the Bug Bounty program.
требования
- 5+ Years in information security, including 3+ years in product security;
- Hands-on experience operating a WAF such as Wallarm, Akamai, or Cloudflare;
- Expertise in API security and API gateway experience;
- Experience with anti-bot solutions including fingerprinting and behavioral detection;
- Practical understanding of DDoS mitigation at L3–L7;
- Experience running a Vulnerability Management process including CVSS, prioritization, and remediation SLAs;
- Experience coordinating pentest projects and working with pentest reports;
- Understanding of OAuth/OIDC, session management, and JWT;
- Practical SQL and Elasticsearch skills for querying logs and data;
- Nice to have: OWASP API Security Top 10 knowledge.
условия
- 28 Calendar days of vacation per year;
- 7 Wellness days per year;
- Referral bonuses up to $5000;
- 50% Reimbursement for professional training and international conferences;
- Corporate discount for English lessons;
- Health benefits: compensation up to $1000 gross per year for medical insurance or doctor's fees if not eligible for corporate insurance;
- Workplace organization: reimbursement of workplace costs up to $1000 gross once every 3 years;
- Internal gamified gratitude system for merchandise and activities.
навыки
Если просят войти через iCloud, отправить коды из SMS, запустить код, что-то установить, перевести деньги или сделать что угодно, связанное с деньгами, не соглашайтесь: это признаки мошенничества.