Application Security Engineer - remote

Syncro / RepairShopr
Posted 3 years ago
Stack Overflow

Syncro is a small team crafting applications helping small businesses be more successful. Our software does job tracking, marketing, invoicing, integrates tons of online tools -- and is awesome.

We're building a company that has fun inventing. We go fast, and our customers love us. Thousands of repair shops and IT professionals all over the world rely on our platform for their entire business operations.

We are different - we really do care, the founders are writing this ad and holding interviews.

We are building a powerful Remote Machine Management (RMM) platform and this space demands the utmost in security. This is where you come in! As the Application Security Engineer, we would rely on you to manage security in our multi-cloud infrastructure, help build internal security tools/scripts, and document everything as you go! You would play a key role in incident response and we have a bug bounty program that we’d love to get your help to nurture and expand. 

  • Core Responsibilities
    • Help manage internal Security Operations
      • Manage Cloud Security (accounts, logs, roles, groups, permissions, employee access control)
      • Manage planned external pentesting
      • Helping triage Bug Bounty reports
    • Incident Response
      • Do research and log analysis for a variety of different types of incidents
      • write lots of security documentation and playbooks around our platform, ops, incidents, etc
    • Build your own tooling
      • We want to encourage you to try out new tools and experiment to find the right tool for the job
      • Writing custom scripts and tools to help with Operations
  • Bonus
    • Help surface new security trends and best practices
    • User education
    • Source code scanning
    • Vulnerability Scans
    • Managing and expanding our current Bug Bounty program

Experience:

  • Strong understanding of web applications and security
  • Experience working in or on a bug bounty program
  • 3-5 years in a similar role or doing similar things
  • familiarity with OWASP guidelines
  • Software development or scripting experience (Python, Shell, Java, json, Scrum, Jira, etc.)
  • Familiarity with network and web application protocols (Http, Https, TCP/IP, SAML 2.0, OAuth 2.0, Rest APIs, etc.)

Highlights: 

  • Salaried position designed to grow with the company (seriously, try us).
  • We want this to be your dream job and to help you make that so.
  • We are focused on personal and professional growth and we’ll keep you challenged, learning, passionate, and growing.
  • Close-knit team —every person counts.
  • Flexibility: We’re results-oriented and want to help you create a position that suits your life.
  • We're currently a dispersed team working from home. 
  • Health benefits and 401(k).

Syncro is an equal opportunity employer. We value diversity and are committed to creating an inclusive environment where all employees can thrive and do their best work, free from discrimination and harassment.