Software Engineer VI - Security Specialist

Mexico (Remote) /
Technology – Engineering /
Full Time
We are Kueski, and our mission is to develop an ecosystem of financial products which are simple and convenient for our users.  We are part of the financial digital transformation, being one of the key players in México.


Objective: 
Infrastructure and CI/CD teams are responsible for enabling product Software Development teams to efficiently launch their services and applications into cloud environments while ensuring that Security and Architectural standards are met. They work closely with other engineers so they can properly understand and improve their workflows without burdening them with infrastructure details and compliance requirements.
We’re looking for a Staff Software Engineer with strong programming foundations who is passionate about infrastructure and Continuous Delivery, while highly aware of security requirements and best practices, having to constantly balance between empowering the rapid growth of a Startup and the demands of working in the Finance Sector.

Requirements of the position: 
-Experience to transform requirements into working software in production.
-Ability to collaborate in an interdisciplinary team.
-Experience to make decisions based on tradeoffs between business, product and technology.
-Experience to undertake and lead medium to complex projects that require multiple iterations and may involve different technologies.
-Experience troubleshooting and debugging problems.
-Strong experience in Software Engineering.
-How a good Software Development Lifecycle (SDLC) is organized.
-How the non-functional requirements are part of delivering a solution.
-Experience on the different types of testing and their importance in the SDLC.

You will need to be successful: 
-Understand the underlying problem when facing a challenge.
-Design and implement solutions for the problems.
-Fix bugs and resolve incidents.
-Identify and communicate risks.
-Support and promote best practices among the team.

Technical skills and knowledge:
-5 years experience engineering IT security solutions in cloud platforms such as Amazon Web Services (AWS)
-Strong experience assessing, developing, implementing, optimizing and documenting a comprehensive and broad set of security technology solutions and processes.
-Strong experience with IT security in service-oriented and microservices for cloud-based services
-Experience working with cloud security and governance tools, cloud access security brokers (CASBs) and virtualization technologies.
-Experience balancing business, product and technology when making decisions.
-Technical background in programming.Fundamentals of relational databases.
-Familiar with common security libraries, security controls, and common security flaws that apply to Ruby on Rails applications.
-Ability to discover and patch SQLi, XSS, CSRF, SSRF, authentication and authorization flaws, and other web-based security vulnerabilities (OWASP Top 10 and beyond).
-Knowledge of common authentication technologies including OAuth, SAML, CAs, OTP/TOTP.Knowledge of browser-based security controls such as CSP, HSTS, XFO.GitLab and Github experience

Nice to have:
-Experience with Ruby.
-Knowledge in ISO27001 certification
Benefits and Perks:
- Major medical insurance
- Stock options
- Flexible work time, including working from home 100% Remote 
- 10 days of vacations + 50% vacation bonus
- Personal Days
- Saving Fund 
- Pantry Vouchers
- 30 day Christmas Bonus