Collaborates with engineering and product on improving existing and building new product features with focus on threat modeling, assurance and secure implementation. Identifies security gaps and vulnerabilities in ClickHouse Cloud and OSS, triages a wide range of vulnerabilities reported via our bug bounty program, responsible disclosure, GitHub Issues covering web, API and server - client assets including low level memory issues like heap or buffer overflows. Drives implementation and usage of engineering security tools.
Job listings
Europe
4w PTO
As an Application Security Engineer help shape the security of Veeam products, enhancing data protection and driving business resilience. Conduct regular security assessments, vulnerability scanning, and penetration testing of Veeam products and services. Work with development teams to integrate secure development practices into the software development lifecycle. Collaborate on the design and implementation of security within Veeam products.
Collect, process and analyze information from various sources, (including open-source intelligence (OSINT), dark web forums and threat intelligence feeds) and translate threats to RSI requirements. Configure and maintain the Threat Intelligence Platform. Develop and maintain a comprehensive understanding of threat actors, their tactics, techniques and procedures (TTPs) and their potential impact on our organization.
Perform manual penetration testing of web applications, APIs, internal and external networks, iOS and Android mobile applications as a member of a pentest team, collaborating and engaging directly with the client. Document in detail the results of assessments, audits, tests, and verification activities. Perform manual validation of vulnerabilities and mobile and web app pentesting for OWASP top 10 vulnerabilities.
The Information Security Officer supports Kilnโs VP of Security in defining and executing the companyโs information security program. Acting as the GRC (Governance, Risk & Compliance) lead, the ISO aligns security strategy with business goals and regulatory standards. The role includes leading risk assessments, compliance initiatives, KPI development, and driving a strong security culture across the organization.
A talented professional is needed to join the Security Operations Center (SOC) team as a L1 SOC Analyst. The role involves detecting, analyzing, and responding to cybersecurity threats and incidents, requiring strong analytical skills, knowledge of security operations, and expertise with SIEM platforms, especially Microsoft Sentinel. Responsibilities include real-time monitoring, incident investigation, and collaboration with other cybersecurity teams.
This role strengthens and optimizes the organization's security capabilities by reviewing existing tools, applications, and processes to identify gaps and establishes and maintains cloud security architecture best practices, focusing on cloud platforms and integrates new and existing security platforms. The role collaborates with R&D teams to maintain a secure architecture and analyzes security events for anomalous activity.
Perform real-time monitoring and analysis of security events and alerts from various security tools, including SIEM (Sentinel), Microsoft Defender Suite, Firewalls, IDS/IPS, WAFs, and other security logs. Analyze telemetry from Microsoft Defender products within Microsoft Sentinel. Conduct in-depth investigations of escalated security incidents, performing root cause analysis to understand the full scope and impact.
You will be instrumental in designing, building, and maintaining robust security features for our SaaS product that will delight our customer CIOs, working on challenging problems at the intersection of application development and security, directly contributing to the resilience and trustworthiness of our platform and protecting our customers and their data 24/7.
Secure Gensynโs decentralized systems, tooling, protocols and services. Own and develop security posture, tools, and strategy for application-level systems: web apps, APIs, and Smart Contracts. Perform threat modeling, architecture reviews and design reviews for new features, services and protocols. Monitor and respond to application-level security incidents. Stay abreast of emerging threats relevant to our stack and proactively apply mitigations. Educate teams across the company on security best practices.