Application Security Analyst
Belgrade
LearnUpon is looking for an Application Security Analyst to join our team in Belgrade.
LearnUpon is a cloud-based software company headquartered in Dublin, Ireland, with offices in Philadelphia, Belgrade and Sydney. LearnUpon is designed for organisations looking to distribute their courses and track their training quickly and easily at scale.
At LearnUpon we put our customers’ experience at the heart of everything we do, always strive for the best solution (not the easy one), and commit to producing work that we can be proud of. Our company is a very open, collaborative environment where team and individual accomplishments are celebrated and encouraged. Join a company where everyone works together as a friendly, supportive team that likes to have fun!
Our Application Security team performs a variety of security-related functions, from vulnerability assessments to internal penetration testing to secure development tuition, and all aspects of application security. This is a varied role with a chance to research the latest trends and new tools, and to continuously improve LearnUpon application security.
What will I be doing?
On a day-to-day basis you will be performing a number of duties, including:
- Responsibility for the rollout of the internal penetration testing program, including its planning, execution, and reporting
- Researching and implementing tools and/or scripts to help achieve a robust testing program
- Work closely with our AppSec Champions to define potential risks of different parts of the app, while gathering intel to help with pen-test planning.
- Work with developers to share knowledge around security threats and secure coding best practices.
- Create and deliver application security workshops and training to the Engineering team members.
- Work as part of the Application Security team, and wider Dev/Product/Security teams to ensure application security.
- Continuously learning, and upskilling in all aspects of web application security
What skills do I need?
- A Bachelor's degree (4-year), with a technical major, such as software engineering or computer science.
- At least 1 year of professional experience in pen-testing, or similar web application security roles.
- A demonstrable knowledge of common web application vulnerability / attack vectors.
- Detailed knowledge of current / popular attack vectors including, but not limited to, OWASP Top 10.
- Experience using a variety of tools to intercept, manipulate and replay HTTP requests.
- A good understanding of common web application architecture (including XHR requests, CORS, CDNs).
- A keen interest in ethical hacking.
- Experience using proxying tools (e.g. BurpSuite Pro, ZAP, etc.).
Don’t worry if you don’t tick every box in order to apply. We’re always happy to review applications and take all experience into consideration. We do our best to provide feedback where we can!
Not required but considered a big plus
- Experience in pen-testing web applications on a large scale and/or red-teaming
- CISSP / CompTIA Security+ / CEH / Related InfoSec certification
- Experience in developer secure-coding training
- Familiarity with Ruby on Rails
Why work with us?
- Work in a fun and supportive environment with regular team events.
- Excellent career progression - take LearnUpon where you think it can go.
- Structured learning environment.
- Competitive salary and company ESOP.
- Private health insurance.
- 22 days annual leave.
What is the Hiring Process?
Applicants for the position can expect the following hiring process:
- Qualified applicants will be invited to schedule a 30-minute call.
- Successful candidates will then be invited to a series of practical interviews.
- Finally, candidates will have a short interview with our CEO/CTO.
- Successful candidates will be contacted with an offer to join our team.
Visit our Careers page to find out more about working for LearnUpon, and check us out on Instagram.
Deadline for applications: 03.05.2020.