Workvivo is transforming the future of work by creating a digital experience that brings workplace culture to life. We are committed to our customers, obsessed with improving employees working lives and driven by results. We practice our core values of Commitment, Professionalism, Loyalty, Innovation and Playfulness every day.
Senior Security Engineer
We are on the lookout and are seeking enthusiastic and experienced Senior Security Engineers to join the Workvivo Infrastructure team. The ideal candidate enjoys breaking software, hacking infrastructure, and proving that the features and the product is robust or brittle. You also enjoy challenging the "Happy Path" route.
Key Duties and Responsibilities
- Discover vulnerabilities associated with the Workvivo Platform, including AWS Infrastructure and the Workvivo Application
- The responsibilities at the core of this role are about discovering vulnerabilities associated with the Workvivo platform wherever they might be
- You will work within Workvivo’s internal security team and work closely with our Infrastructure and Application engineering teams
- Workvivo’s infrastructure team have responsibilities for Security, Scalability and Stability of the Workvivo platform. You will work within the security responsibility of the Infrastructure Engineering team
- Contribute to improving the SDLC such as advising on DAST, SAST, SCA, i.e., securing the Pipeline etc.
- Contribute to improving security across Workvivo
You would be a good fit if you
- Have strong experience completing penetration test (focused on Web Applications, API and Mobile)
- Have excellent attention to detail
- Have a strong sense of curiosity and ability to focus
- Can go beyond highlighting Security Headers and low hanging fruit as a vulnerability
- Have worked in a public Cloud Infrastructure and SAAS product
- Are able to critically analyse Vulnerability & Penetration test reports from external partners and customers
- Have experience (and are comfortable) with any relevant programming language
- Are comfortable discussing the latest security technology
- Critically challenge security vulnerabilities
- Have used appropriate tools such as Burp Suite, OWASP ZAP, Metasploit, Nessus, Neuralegion etc, or recommend others.
Our technology stack
- AWS hosted
- Laravel, PHP
- React Native
You are not expected to be an expert in all of these areas, we have experts in these tools. We want you to challenge the security posture of the Workvivo Platform.
Compensation & Benefits
We offer competitive compensation, commensurate with experience. We also offer outstanding benefits to simplify the lives of our employees and show them how much we appreciate their contributions. This is a full-time, salaried position that can be fully remote.