Application Security Analyst in Bucuresti

Our CompanyChanging the world through digital experiences is what Adobe’s all about. We give everyone—from emerging artists to global brands—everything they need to design and deliver exceptional digital experiences! We’re passionate about empowering people to create beautiful and powerful images, videos, and apps, and transform how companies interact with customers across every screen. We’re on a mission to hire the very best and are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity. We realize that new ideas can come from everywhere in the organization, and we know the next big idea could be yours!The challengeDo you wake up every morning thinking about cybersecurity? Are you looking for a great opportunity to have an impact across all Adobe products and services then this position is for you!At Adobe, we recognize that our customers benefit when we take a collaborative approach to vulnerability disclosure. We pride ourselves on the symbiotic relationship we’ve cultivated with the security community and continue to value the contributions that security researchers of all stripes make to hardening our software. New bug reporting platforms have enabled part-time hobbyists to become full-time freelance security researchers, and Adobe is committed to working collaboratively with an ever-widening pool of security professionals.The Product Security Incident Response Team (PSIRT) is responsible for Adobe’s vulnerability disclosure program and is the first responder when a security researcher reports a vulnerability finding affecting an Adobe product, online service or web property. In addition to its role as conduit with external researchers, PSIRT partners with both internal and external stakeholders to ensure vulnerabilities are handled in a manner that minimizes risk to customers and encourages researchers to disclose in a coordinated fashion.Adobe's PSIRT is seeking a dynamic candidate to contribute to our world-class security organization.What you’ll doValidate and assess severity of public and privately disclosed security vulnerabilitiesPerform root cause analysis and provide remediation recommendations to engineering teamsDrive security issues to resolution through continuous engagement with stakeholders including engineering, public relations, customers and external security researchersInvestigate and respond to customer security inquiriesBuild tools to automate security testing and streamline workflowsBuild relationships with security researchers are accurately credited or paid for their responsible disclosuresWhat you need to succeedBachelor’s degree in computer science, engineering or a related field and 1-3 years of practical experienceKnowledge of application security vulnerabilities (OWASP Top 10) and mitigation techniquesProven ability to grasp and communicate complex technical detailsProficiency using web security testing tools such as BurpFamiliarity with Python (preferred)Demonstrated to balance multiple tasks, projects and assignmentsDependability: Meets commitments, works independently, accepts accountability, handles change, sets personal standards, stays focused under pressureEstablished track record managing vulnerability disclosure programs (i.e. HackerOne) a plus