LearnUpon is looking for an

Application Security Analyst

to join our team in Belgrade

LearnUpon is a cloud based software company headquartered in Dublin, Ireland with offices in Philadelphia, Belgrade and Sydney. LearnUpon is designed for organizations looking to distribute their courses and track their training quickly and easily at scale.

At LearnUpon we put our customer’s experience at the heart of everything we do, we always strive for the best solution (not the easy one), and we commit to producing work that we can be proud of. Our company is a very open, collaborative environment where team and individual accomplishments are celebrated and encouraged. Join a company where everyone works together as a friendly, supportive team who like to have fun! 

Our Application Security team performs a variety of security related functions, from vulnerability assessments to intern penetration testing to secure development tuition, and all aspects of application security / InfoSec security. This is a varied role with a chance to research latest trends, new tools, and continuously improve LearnUpon application security.

What will I be doing?

On a day-to-day basis you will be performing a number of duties, including:

• Responsibility for roll out of internal penetration testing program, including planning, execution, and reporting thereof
• Researching and implementing tools and/or scripts to help achieve a robust testing program
• Work with developers to understand risk assessment of different parts of the app (to help with pen-test planning)
• Work with developers to share knowledge around pen-testing process, and secure development best practices
• Work as part of the Application Security team, and wider Dev/Product/Security teams to ensure application security
• Continuously learning, and upskilling in all aspects of web application security

What skills do I need?                                                                                         

• A Bachelor Degree (4-year), with a technical major, such as software engineering or computer science.
• At least 1 year professional experience in pen-testing, or similar web application security role.
• A demonstrable knowledge of common web application vulnerability / attack vectors.
• Detailed knowledge of current / popular attack vectors including, but not limited to, OWASP Top 10.
• Experience using a variety of tools to intercept, manipulate and replay HTTP requests.
• A good understanding of common web application architecture (including XHR requests, CORS, CDNs).
• A keen interest in ethical hacking.
• Experience using proxying tools (e.g. Zaproxy, etc.) to monitoring.

Don’t worry if you don’t tick every box in order to apply, we’re always happy to review applications and take all experience into consideration. We do our best to provide feedback where we can!

Not required but considered a big plus

• Experienced in Pen-testing web applications on a large scale and/or Red-teaming
• CISSP / CompTIA Security+ / RSA / Related InfoSec certification
• Experience in developer secure-coding training
• Use of automation

Why work with us?

• Work in a fun and supportive environment with regular team events.
• Excellent career progression - take LearnUpon where you think it can go.
• Structured learning environment.
• Competitive salary and company ESOP.
• Private health insurance.
• 22 days annual leave.

What is the Hiring Process?

Applicants for the position can expect the following hiring process:

• Qualified applicants will be invited to schedule a 30-minute call.
• Successful candidates will then be invited to a series of practical interviews.
• Finally, candidates will have a short interview with our CEO/CTO.
• Successful candidates will be contacted with an offer to join our team.

If you are interested in applying for this role please send your CV in confidence electronically. We look forward to hearing from you!

Deadline for applications: 09.11.2019.