Security engineer, remote

The Trust and Security team at InCountry is focused on ensuring the appropriate internal controls are in place and operating effectively to mitigate risks to InCountry and its customers. As a key team member of the Trust and Security team, you will help ensure InCountry maintains the highest level of security and privacy in our services, evangelize the importance of security and privacy both internally and externally, manage the InCountry SDLC program and work directly with InCountry engineering teams to ensure InCountry ships and maintains secure and private services.

Maintain SDLC program
Conduct penetration testing of application and infrastructure and work with teams to close all findings
Perform threat models of all applications, risk rate all findings and work with teams to close all findings
Develop, communicate and provide regular updates on application security roadmap

Required Skills

3-5 years in an application security role
Prior experience developing threat models in alignment with industry standards (e.g. NIST, MS SDL, etc)
Be a security subject matter expert and respond to any internal security engineering questions/request
Correctly balance security risk and product advancement
Perform penetration testing on our internal and external applications
Perform proactive research to detect new attack vectors
Prior experience integrating static & dynamic analysis in CI/CD pipeline
Train our engineers on secure software engineering
Excellent written and verbal communications skills
SME in cryptography, authentication and security protocols
Bachelor's degree in Computer Science or a related field

Preferences:
Prior experience with GCP, AWS, Azure and GKE
Has a deep understanding of web applications

Experience RequiredMid-Senior level

Location [remote]

To respond to a vacancy:

1. Link https://www.linkedin.com/in/zulfiiagasanova/

2. Telegram https://t.me/ZulfiaG