MZ is seeking a Senior Application Security Engineer who is driven to work on some of the most challenging security problems. You will use your skills to secure products running on large and complex technology stacks. The role is flexible and will be shaped around your strengths, with either a focus on penetration testing and code review, or developing tools (static/dynamic analyzers, fuzzers, etc.).
- Can see the big picture: Ability to map attack surfaces, assess threats, and prioritize issues
- Adaptability: Quickly learn new technology stacks, programming languages, and frameworks
- Methodology: Know how to review code efficiently and automate testing with simple scripts/
- : Read and write multiple programming languages. C/C++, PHP, Erlang, Lua, and Python are highly valued, but others will help too.
- Communication: Strong communicator and team player, know how to explain complex issues with simple terms
- Deep knowledge: Understanding of OS concepts and internals, compilers, reverse engineering
- Bachelors degree
- Experience with code analyzers, such as Fortify or Veracode
- Knowledgeable regarding web application security topics such as OWASP Top 10, and authentication infrastructure (SAML, OAUTH)
- Ability to write complex software in multiple languages
- Skills in using JIRA
- Mobile application security (iOS and or/ Android)