Application Security Engineer

TL;DR

Application Security Engineer: Ensuring the security of applications and systems at Туту with an accent on improving the existing S-SDLC and implementing new security processes. Focus on automating Application Security processes and conducting security audits.

Компания

Туту — крупнейший в России сервис для путешествий.

What you will do

• Improve existing S-SDLC by integrating new security solutions.
• Implement new S-SDLC processes.
• Participate in security audits and reviews.
• Create tools to enhance security for developers.
• Communicate with multiple development teams as a Security Business Partner.

Требования

• Experience in implementing S-SDLC solutions and automating Application Security processes.
• Experience conducting security design reviews.
• Knowledge of web application vulnerabilities and risk mitigation strategies.
• Willingness to communicate with teams and participate in processes.
• Experience in finding vulnerabilities in code using go, php, js.

Хорошо, если есть

• Knowledge of vulnerabilities in mobile applications.

Культура и преимущества

• Full remote work option or office visits as preferred.
• Strong technical infrastructure and knowledge base.
• Regular salary indexation and bonuses based on performance.