Senior Security Engineer - AppSec [IT AND SECURITY]
Senior Security Engineer - AppSec [IT AND SECURITY]
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
The role
Were looking for a new teammate to join us on the journey of keeping HelloFresh a trusted name - someone with a passion for security and appetite for new challenges. Security Engineers work in a variety of ways to constantly iterate and improve HelloFreshs security posture.
You will be part of the squad responsible for maintaining and improving HelloFreshs Vulnerability Management Program which provides umbrella coverage to Pentest Red Teaming Cloud Assessment Source Code Review use of vulnerable dependencies Supply Chain Audits and Bug Bounty program.
What youll do
- Perform network/cloud penetration web and mobile application testing source code reviews threat analysis wireless network assessments and social-engineering assessments
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences
- Effectively communicate findings and strategy to client stakeholders including technical staff executive leadership and legal counsel
- Use formal project management skills in planning tracking and reporting to close the remediation loop
- Recognize and safely utilize attacker tools tactics and procedures used to perform analysis and identify vulnerabilities
- Develop scripts tools or methodologies to improve HelloFreshs Vulnerability Management Program
What youll bring
- 4-7 years experience demonstrating above average ability in any 4 of the following areas of offensive security: Network Wireless Cloud Web Mobile API Assessments Source Code Review Red Teaming Social Engineering
- Thorough understanding of network protocols data on the wire client-server model application design and architecture and different classes of application security flaws
- Proven proficiency in one modern scripting language like Python or Go
- Relevant application penetration testing certifications such as Offensive Security Web Expert (OSWE) certification GIAC Web Application Penetration Tester (GWAPT) or equivalent mobile/web certification
- Participation in web hacking challenges competitions or bug bounties
- Development of tools or plugins used to conduct security testing and analysis
- Developing extending or modifying exploits shellcode or exploit tools
- Source code review for control flow and security flaws
- Strong knowledge of tools used for cloud wireless web application and network security testing
What we offer
Elevate your lifestyle! Join one of Europes fastest-growing tech powerhouses in a dynamic phase of expansion.
- Immerse yourself in a diverse global community of 90 nationalities.
- Enjoy a competitive compensation package that goes beyond the norm with perks like a HelloFresh- subsidized Pension Scheme Berlin relocation support and a Hybrid working model.
- Elevate your lifestyle with exclusive discounts on your weekly HelloFresh box and office meals.
- Invest in your growth with a German language learning budget and access to the HelloFresh Academy.
- Plus weve got your well-being covered with mental health support transportation perks and working-parent-friendly benefits. From our 24/7 gym accesswellbeing platforms like Headspace and Spill to sabbatical leave options HelloFresh is not just a workplace; its a lifestyle of perks and possibilities!
#IT #Security
HelloFresh is committed to the principles of equal employment opportunity and providing reasonable accommodations to candidates with disabilities. If you need an accommodation during the application process please reach out to us at:
Europe:
APAC:
United States:
Canada:
Required Experience:
Senior IC
Employment Type
Full Time
