Job Purpose
Responsible for developing Instabug’s security program including analyzing software designs and implementations from a security perspective, identifying and prioritizing security issues. Also include the appropriate security analysis, defenses and countermeasures for our applications and infrastructure.
Job Responsibilities
Product and Infrastructure Security
- Work closely with the product and engineering teams to review new features and suggest new ones.
- Drive S-SDLC in our cycles and review security acceptance criteria and threat modeling.
- Guide and train the team to cover security checks and security best practices.
- Perform pre- and post-deployment security tests.
- Work closely with the DevOps and platform teams to identify security issues through red teaming activities.
- Define, implement, and monitor infrastructure security measures.
- Assess security tools and integrate tools as needed.
Incident Response & Research
- Follow new security news, trends, tools, and incidents and drive needed changes.
- Support in managing our Bug-bounty program and security channels.
- Conduct vulnerability research against Instabug assets.
- Work on understanding and improving our security logging and monitoring solutions.
- Coordinate company-wide response to security incidents till remediation.
- Vulnerability management for production/testing environments
Requirements
- Bachelor’s degree in Computer Engineering, Computer Science, or equivalent discipline.
- 2+ years of relevant experience.
- Familiar with any of the following: Nessus, MetaSploit, Burp Suite, Kali, NMap, Fortify, Acunetix.
- A good understanding of Linux & Cloud infrastructure like AWS & GCP.
- Application and/or infrastructure penetration testing experience above and beyond running automated tools.
