RB
Cyber Security Engineer at Regions focusing on cloud and infrastructure security. Designs and implements cybersecurity solutions while providing technical support and guidance.
About the role
- Review product designs to define necessary security requirements based on threat modeling.
- Review proposed architectures and propose a set of security controls in order to minimize risk.
- Review source code to find security problems and potential vulnerabilities.
- Conduct vulnerability assessments and penetration testing on Mercari’s Backend, Web, iOS, and Android applications.
- Automate security checks and tests so that they can be easily and transparently plugged into the CI/CD pipeline.
- Develop technical solutions to help mitigate security vulnerabilities.
- Maintain technical and security standards for Web and mobile application technologies.
- Educate developers on secure coding practices with workshops, talks, and lessons.
- Evaluate and investigate suspected security events or incidents and perform remediation in accordance with Incident Response procedures.
- Collaborate with information security officers, the legal team, and internal auditors on technical security matters.
Requirements
- Bachelor's degree or equivalent practical experience.
- Programming experience with one or more programming languages including but not limited to: Go, PHP, Java, Ruby, Python, Swift, Kotlin, or JavaScript.
- 4+ years of experience analyzing the security of systems (penetration testing, Web application security testing, vulnerability scanning, threat modeling, etc.).
- Good understanding of modern Web application architecture, TLS, HTTP, TCP/IP, and standard network and system security technologies.
- Experience with modern software development tools, such as distributed version control systems (git), dependency management, build systems, and CI/CD pipelines.
- Strong teamwork skills in a diverse environment.
- Effective interpersonal and communication skills.
- In-depth technical knowledge of security engineering, computer and network security, Unix-based operating systems, mobile security, authentication, security protocols, and applied cryptography.
- Strong experience in securing both backend (Go, PHP) and frontend (Web, JavaScript, iOS, Android) applications with the ability to adopt new frameworks and technologies quickly.
- Good understanding of development methodologies such as Object-oriented Programming (OOP), Domain-driven Design (DDD), and Test-driven Development (TDD).
- Good understanding of microservice architecture and related security patterns.
- Good understanding of the inner workings of OAuth2 and OIDC implementations.
- Knowledge of container and orchestration technology like Docker and Kubernetes.
- Experience working with large-scale cloud infrastructure and services (GCP or AWS).
- Experience with securing large-scale cloud infrastructure through analyzing CSPM alerts from tools such as Wiz.
- Experience working in an agile and DevOps-centric environment.
- Japanese: Ideal but not required
- English: Independent (CEFR-B2)
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
CA
Capital.comIAM Security Engineer
IAM Security Engineer focusing on identity and access management automation in a dynamic digital assets company. Contributing to scaling IAM infrastructure through automated solutions and secure user lifecycle management.
FC
Ford Motor CompanySecurity Systems Data Integration Specialist
Data Analyst joining Ford's team to focus on security technologies and data integration. Responsible for improving data operations across global infrastructure and complex requests.
FC
Ford Motor CompanyMobile App Product Manager, Vehicle Security
Digital Product Manager at Ford creating connected vehicle experiences through integrated hardware and software solutions. Collaborating with teams to enhance customer experience through new digital products.
Cybersecurity Engineer implementing Zero Trust Reference Architecture solutions at Mythics. Deploying and maintaining Forescout platform within secure environments.
WA
WattpadSecurity Governance Manager
Security Governance Manager at WEBTOON responsible for IT and Security governance framework. Collaborating with Legal, Product, and Engineering teams in Los Angeles headquarters.
CS
Commonwealth Fusion SystemsManager, Cybersecurity – Operations
Manager of Cybersecurity leading the company's cybersecurity initiatives at Commonwealth Fusion Systems. Responsible for security policies and team management to protect information assets from cyber threats.
Principal Cloud Operations Developer at AVEVA enhancing Cloud security and leading deployment process improvements. Collaborating with development teams to ensure operational security, stability and scalability.
CO
ConstelliumCybersecurity Manager
Responsable cybersécurité gérant la sécurité informatique de l'entreprise. Évaluant la conformité des systèmes d'information et pilotant la feuille de route cybersécurité.
DE
Daikin EuropeInformation Security Officer – ISO
Information Security Officer ensuring legal and cybersecurity compliance across IoT product development at Daikin. Supporting development teams and managing security awareness training.