الوصف الوظيفي
About the job Security Engineer
About Us
At Bazaar, were on a mission to build an operating system for traditional retail in Pakistan, that creates opportunities for retailers, suppliers, and workforce across the country. We are continuously working towards cultivating an environment that inspires, empowers, and challenges each individual as they take on this road to self-discovery.
We are eager to build the most diverse and creative team - celebrating differences and learning from each other.
About the role
As a Security Engineer, you will be extending, testing and validating threat detection and response capabilities across Bazaar. You should have the right technical depth, security intuition, and entrepreneurial spirit. You will use your security knowledge and strong engineering skills to build and sustain innovative solutions and platforms which enables Bazaars Security Engineering to quickly identify, mitigate and respond to abuse and intrusion.As a Security Engineer, you will:Establish goals and track related metrics for vulnerabilities, including vulnerability discovery, classification and resolution time objectivesPerform penetration testing, document results and remediation efforts for status reportsArchitect and build tools for threat detection, forensic automation and security responseDevelop incident prediction, management & mitigation processEnhance the security incident response by providing data and queries to respondersUse your security background to derive security insights from our dataContribute directly in Software development and DevSecOps to help Bazaar enable Security by designAnalyze logs and application metrics to detect vulnerabilities and threatsDevelop secure coding standards that are based on industry-accepted best practices such as OWASP Guide, SANS CWE Top 25, or CERT Secure Coding to address common coding vulnerabilitiesBe a subject matter expert and ambassador to Bazaar Engineering for secure coding practices, penetration testing, mobile platform security and all aspects of application and product securityYou will also have the unique opportunity to explore other areas of software development like backend, devops, security, web frontend, scripting and more.
Technical Skills Required:Unit Testing (and other kinds of testing including Component, Integration and Contract testing)Experience with at least one high-level programming language (e.g., Kotlin, Java) and at least one scripting language (e.g., Python, JavaScript, Bash)Knowledge in Software Architecture and Design conceptsKnowledge (and preferably hands-on) managing Web Application FirewallsKnowledge (and preferably hands-on) using Open Source penetration testing tools, including Metasploit or the Kali Linux tool setKnowledge of open security testing standards and projects, including OWASP and the MITRE ATT&CK MatrixDecent knowledge in Linux and *nix SystemWorking experience in any major cloud platform (e.g. Google Cloud or AWS)Knowledge (and preferably hands-on) of APM tools (e.g. NewRelic, Prometheus+Grafana)Basic DevOps stuff (including Kubernetes, IAC, Docker)Experience with distributed logging platforms (e.g ELK stack)Knowledge (and preferably experience) of Microservices and distributed software architectureIncidents management and mitigation
Skills Required:2+ years of solid experience in software engineeringPrior experience building a security analytics, intrusion detection or abuse detection platform would be preferredSelf-starter, 100% ownership and unshakeable enthusiasmStrong communication and interpersonal skillsShould possess strong willingness to get hands dirty (literally), get stuff done and strong work ethicsHas relentless focus, strong prioritization skills, and the ability to multitask while working in a highly charged environment
What We Offer:A culture that empowers you everyday to take charge and deliver outstanding resultsA power-packed team that develops you to be the best version of yourselfAn opportunity to explore new avenues, break down barriers and execute on own ideas with complete autonomyRewards based on merit and a flexible work environment with an unlimited leave policyA healthy compensation, insurance, and stock options plan to take care of yourself and your families
At Bazaar, we respect and accept our colleagues as they are. We are an Equal Opportunity Employer promoting diversity in all its forms (thought, culture, gender and background). Any kind of discrimination is not only condemned but a punishable offense for the company.We would encourage you to shoot your shot, dream big and apply away, even if your confidence makes you feel otherwise. We acknowledge Imposter Syndrome as a persistent impediment to career growth and we would not want to lose a candidate like you.
