Product Security Engineer in Constanţa

Cloud (nice to have) Scripting (regular) Vulnerability Management (regular) penetration testing (regular) threat modeling (regular) Security testing tools (regular) Security (regular) We’re looking for a hands-on Security Engineer to join our growing Product Security team.The opportunity:Security engineers at Egnyte are involved in every stage of the SDLC pipeline to highlight security vulnerabilities and provide expert advice on reducing them. By promoting security principles, ongoing penetration testing, and developing “paved roads,” we’re able to provide our customers with a secure and reliable product.Currently, we’re seeking an engineer who’s well-rounded in terms of application security and has in-depth expertise in one or more particular areas. You’ll be able to apply your skills to interesting challenges—joining Egnyte is an opportunity to work with diverse technologies and large-scale software (1 million users, 20k transactions per second, 28 Petabytes of data).  Working closely with more senior security engineers will enable you to develop your expertise in the wide range of areas of your choosing.To excel at this role, you need to be passionate about DevSecOps, as it’s something we’re genuinely committed to at Egnyte. Knowledge about cloud platform security practices and interest in developing security tooling are important as well. You will have a chance to develop security-oriented tools and processes from conception to completion.Your day-to-day at Egnyte:Work with engineering teams providing expertise and advice regarding secure architecture, design, and implementationDevelop reliable and scalable security-oriented toolsWork with the rest of the Security Data Governance & Compliance team to ensure you achieve team objectivesPerform blackbox and whitebox application and network penetration testingReproduce, score, and further analyze issues reported through our bug bounty programs Identify opportunities for vulnerability remediation and mitigationDevelop tools, documentation, processes, and techniques to ensure the security of our softwarePartner with engineering teams in the design phase of new products and features to conduct threat modeling, plus security architecture, design, and code reviewsShare your experience with junior engineers to foster a culture of excellence What skills are we looking for? 2+ years of application security experience, offensive security preferredHands-on experience performing security code reviewsFamiliarity with concepts like Identity, Data protection, Monitoring, and IR in the cloud services spaceBeing able to learn and find bugs in any language, specifically Java, JavaScript, Go, and PythonSolid knowledge of security testing tools and techniquesBeing a strong communicator who is comfortable working cross-functionally, with a track record of delivering results and demonstrating strong ownership.In-depth knowledge of OWASP guidelinesAbility to write and deploy your own tools and automation (preferably in Python)Good command of English that allows you to effectively communicate and perform your tasks (B2/C1+)Bonus Points:Experience as a hands-on developer in Java, Python, or JavaScript.Experience with security assurance for desktop and mobile applications.Experience running penetration testing against cloud-native applications