Application Security Specialist
Minsk
IT /
Full-time /
On-site
We are looking for a self-sufficient Application Security Specialist who is willing to bring the best security approaches to the company’s applications and protect them from various security threats. You will be working in a team of experienced IT engineers who will be glad to assist you to implement your ideas and share knowledge.
Responsibilities
- Continuously run security audits for web and mobile applications, provide recommendations based on the audit results
- Developing, automating and supporting the full cycle of application security testing (SCA, SAST, DAST, etc.)
- Participate in the organization of software life cycle processes (SDLC)
- Consulting development and testing teams on web and mobile application security issues
- Participate in the design and requirements of applications and their features from a security perspective
- Provide input into security-related topics and assist in securing security practices internally within our organization
Requirements
- 1+ years of experience in the same or similar position
- Experience with web and mobile application testing
- Strong knowledge of web and mobile vulnerability types and mitigation techniques (e.g. XSS, SQL Injection, SSRF, Brute Force)
- Knowing at least one of vulnerability search methodology and recommendations for secure development (OWASP, SANS 25, etc.), have experience in fixing them
- Programming and scripting knowledge/skills: C#, C++, Python, PowerShell
- Experience with SCA, SAST, DAST tools
- API security testing experience
- Good knowledge of web security mechanisms (HTTPS, SOP, CSP, Cookie security attributes)
- Knowing basic concepts of information security, cryptography, secure protocols and algorithms
- Willingness to develop in the Application Security field
Nice to have: OSWE/OSCP/OSEP/OSEECEH
These are Just Some of Our Benefits
- Competitive market salary, reviewed once a year
- Professional trainings and conferences, with the partial/full compensation
- Medical insurance (depends on location)
About us:
Finstek is an industry leading Fintech technology provider delivering secure and scalable solutions designed to power intricate financial applications. Founded in 2010, Finstek has developed a set of advanced technological products over the years, with proven track record within the fintech industry. The solutions have become popular and trusted worldwide, being used by top financial institutions. Finstek is committed to provide innovative and reliable solutions based on its robust technologies, infrastructure, and expertise.