Startise

Startise This company has been verified by this domain - startise.com

Dhaka, Bangladesh

Job Title: Application Security Engineer
Vacancies: 2
Salary: 30000 - 40000 BDT Monthly
Location: Mirpur DOHS, Bangladesh
Job Type: Permanent On-site
Deadline: 30 June, 2024

Company Description

Startise is a software product company focused on WordPress & SaaS products. We strongly believe ‘good for the business’ should also mean ‘good for the customers’, and we build tools that help both small businesses and individuals grow their websites.

With 6 million+ happy users from 180+ countries worldwide, WPDeveloper is growing exponentially and offering solutions to enhance the web-building experience.

Skills
  • Security
  • SQA

Job Description

Startise is looking for an Application Security Engineer who has a deep personal interest in web application security and who can help us validate vulnerability reports and perform code reviews on PHP- and JavaScript-based applications. This is a crucial role in securing applications used by 6 million plus users globally. Most importantly, we're looking for a full-time team member who is an excellent communicator and who can grow with the rest of the team.

Requirements:

  • Proven experience as an application security engineer or similar role
  • A solid understanding of WordPress and its ecosystem is required
  • A solid understanding of core PHP & JS, OOP and MySQL is required
  • Strong understanding of Bash Scripting, Linux system administration, network security principles and protocols is required
  • A solid understanding of how browsers, the web and HTTP work
  • Hands-on experience with security testing tools like Burp Suite, OWASP ZAP, or Metasploit is required
  • Deep understanding of web application security concepts and common vulnerabilities (OWASP Top 10, CVSS Scoring, CVE) is required
  • Effective communication skills, with the ability to convey complex security concepts to technical and non-technical team members

Would be helpful:

  • Regular participation in CTF competitions will help identify a good candidate
  • Active participation in bug bounty programs, demonstrating practical skills in identifying and resolving security vulnerabilities
  • Having industry certifications is a plus
  • Previous vulnerability research and findings, preferably CVE IDs assigned under your name

Job Responsibilities

Day-to-day tasks include:

  • Regularly perform security code reviews and penetration tests against PHP-based applications (mostly WordPress)
  • Perform black-box penetration tests on SaaS solutions (Laravel, NodeJS)
  • Review and analyze code for security vulnerabilities, including static and dynamic analysis
  • Validate vulnerability reports from renowned security vendors such as Patchstack, Wordfence, etc.
  • Collaborate with development teams to prioritize and remediate security issues
  • Monitor and respond to security incidents, including conducting root cause analysis
  • Perform functional and non-functional testing
  • Provide suggestions and recommendations for secure application design
  • Stay updated on the latest security threats, vulnerabilities, and industry best practices