Security Engineer (Warsaw)
Instapage is the leader in post-click-optimization. Our solution helps advertisers increase their conversion rates through the building, personalizing, and optimizing of landing pages at scale. With over two million landing pages at an average conversion rate of above 22%, Instapage is helping 15,000 customers across 100 countries capture more value from their campaigns. A Leader in G2Crowd’s Conversion Rate Optimization, A/B Testing, and Landing Page Software grids, Instapage is ranked #1 in customer satisfaction. Instapage is headquartered in San Francisco, CA with offices in Romania and Poland.
As our Security Engineer you will be responsible for:
- Mentoring Software Engineers on Security Best Practices and Awareness
- Collaborate with Development teams on mitigations of Application vulnerabilities
- Be the first response and remediation for Security-related incidents
- Perform routine internal penetration testing and and code reviews of our web application (including preparation of PoC’s and security reports with recommended mitigations)
- Integrate a proactive approach to security in a dynamic development environment
- Cooperate efficiently in a team, understanding other teams needs and our business
- Facilitate collaboration with other Engineers, Product managers, and Leaders to incorporate Security thinking across Teams
- Drive internal security and privacy initiatives
- Actively improve and update professional skills through continued learning
- Own the problem, take advantage of the ability to make your own decisions and also take responsibility end to end.
- You’re familiar with the specifics of security in consumer-facing applications
- Extensive knowledge of internet security issues and technical aspects of security
- Strong coding experience, preferably in PHP/JS (node.js+angular)
- Familiarity with security tools for DAST, SAST, and IAST analysis
- Proven Pentesting experience
- Excellent communication abilities
- Good command of English
- At least one year of solid experience after graduation (for Senior 3-5 years).
Nice to have:
- Experience with designing and debugging complex systems.
- Track record of shipped projects. Ideally in a similar domain (such as high scale, reliable 24/7, SaaS)
- Experience and strong technical knowledge in application security such as those outlined in OWASP Top 10, cryptography, authentication and authorization, and security design architectural patterns
- Contributions to the security community (public research, blogging, presentations, etc)
- Solid understanding of container security is appreciated.
- Work in a real startup from the Silicon Valley where your ideas matter and where you can have real influence on our products
- Office located in city center, near the M2 metro line
- Shared equity ownership
- Office Exchange program after one year to one of our offices (San Francisco, California or Timisoara, Romania)
- Work in an environment of transparency with lots of exposure to senior management
- Yearly conference/workshop budget
- Flexible working hours
- Social room filled with snacks, fresh fruits and table football
- Multisport card, private health insurance and group life insurance
- Team lunches and breakfasts once a week
- Frequent company events