Security Project Manager responsible for managing cyber - security project delivery and ensuring quality execution in Bulgaria. Requires excellent communication skills and fluency in English.
About the role
- Security Engineer ensuring Mercari products meet security standards and assisting with security issues in Tokyo. Involved in threat modeling, security testing, and system vulnerabilities.
Responsibilities
- Review product designs to define necessary security requirements based on threat modeling.
- Review proposed architectures and propose a set of security controls in order to minimize risk.
- Review source code to find security problems and potential vulnerabilities.
- Conduct vulnerability assessments and penetration testing on Mercari’s Backend, Web, iOS, and Android applications.
- Automate security checks and tests so that they can be easily and transparently plugged into the CI/CD pipeline.
- Develop technical solutions to help mitigate security vulnerabilities.
- Maintain technical and security standards for Web and mobile application technologies.
- Educate developers on secure coding practices with workshops, talks, and lessons.
- Evaluate and investigate suspected security events or incidents and perform remediation in accordance with Incident Response procedures.
- Collaborate with information security officers, the legal team, and internal auditors on technical security matters.
Requirements
- Bachelor's degree or equivalent practical experience.
- Programming experience with one or more programming languages including but not limited to: Go, PHP, Java, Ruby, Python, Swift, Kotlin, or JavaScript.
- 4+ years of experience analyzing the security of systems (penetration testing, Web application security testing, vulnerability scanning, threat modeling, etc.).
- Good understanding of modern Web application architecture, TLS, HTTP, TCP/IP, and standard network and system security technologies.
- Experience with modern software development tools, such as distributed version control systems (git), dependency management, build systems, and CI/CD pipelines.
- Strong teamwork skills in a diverse environment.
- Effective interpersonal and communication skills.
- In-depth technical knowledge of security engineering, computer and network security, Unix-based operating systems, mobile security, authentication, security protocols, and applied cryptography.
- Strong experience in securing both backend (Go, PHP) and frontend (Web, JavaScript, iOS, Android) applications with the ability to adopt new frameworks and technologies quickly.
- Good understanding of development methodologies such as Object-oriented Programming (OOP), Domain-driven Design (DDD), and Test-driven Development (TDD).
- Good understanding of microservice architecture and related security patterns.
- Good understanding of the inner workings of OAuth2 and OIDC implementations.
- Knowledge of container and orchestration technology like Docker and Kubernetes.
- Experience working with large-scale cloud infrastructure and services (GCP or AWS).
- Experience with securing large-scale cloud infrastructure through analyzing CSPM alerts from tools such as Wiz.
- Experience working in an agile and DevOps-centric environment.
- Japanese: Ideal but not required
- English: Independent (CEFR-B2)
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Information Security professional managing governance, audit, and compliance in banking domain. Collaborating across teams to enhance security posture and control effectiveness.
IT Security Manager providing operational leadership for ICBC’s IT security program. Enhancing cyber security practices and managing security initiatives in a dynamic, hybrid cloud environment.
Security Officer ensuring safety and security of Yankee Candle assets and personnel. Responsiblities include monitoring, patrols, incident response, and safety training at the corporate campus.
Senior Specialist in Information Security Governance, Risk & Compliance at Cellulant, driving information security, privacy, and compliance standards within BFSI context.
Cloud Security & Application Security Engineer at Cellulant enhancing security across cloud - native platforms and applications. Working in a hybrid role to support a leading payment service provider in Africa.
IT Audit Consultant joining Baker Tilly to manage technology risks for clients, offering strategic advice and audit support. Engaging with client executives to ensure compliance and operational efficacy.
Senior Health and Safety Advisor overseeing health and safety on construction projects for Aecon. Ensuring compliance with SST legislation and promoting zero accident culture.
Senior Information Security Specialist executing Daikin Europe’s Information Security strategy. Collaborating with leadership to ensure our systems and services remain secure and compliant with regulations.
Experienced Information Security Officer at Daikin responsible for defining Information Security strategy and ensuring compliance with regulatory frameworks. Collaborating with external specialists and mentoring junior team members in EMEA.