Security Engineer

Job description

DEV is hiring our first security engineer. We believe that security is a process, not a state, which will be reflected in this role. We are a fast-growing start-up and need someone who is comfortable working at a smaller company. The security engineer will work closely with our SRE and development teams to establish the DevSecOps culture at DEV. This role will be hands-on, which includes proactively finding bugs and vulnerabilities throughout our site and apps, and taking an active role in the code review process.

We value emotional intelligence and communication skills. We want to work with developers who want to build an inclusive software ecosystem as badly as we do.

With the launch of Forem, there will be new challenges in keeping our software secure for all users as this initiative evolves.


Primary Responsibilities

  • Shape our data best practices to protect private user data
  • Serve as the first line of contact for any security vulnerabilities, and help fix any problems that arise
  • Lead our bug bounty program: establish a process for handling external vulnerability reports and maintain good relationships with reporters
  • Contribute to our software architecture to ensure privacy for all users
  • Continuously educate our team on security best practices
  • Assist in compliance and regulatory decision making

    Requirements

    Skills we’d like to see

    • Knowledge of web application security, especially in the context of Ruby on Rails (OWASP Top 10, etc)
    • Pen testing (automated and manual)
    • Knowledge of important team security principles

      About DEV

      DEV Community is an open source company which operates the fastest growing social network for software developers and is also in the process of generalizing our platform for broader use for client communities. The company's mission is to empower community and we do so through open source software and leadership in the software ecosystem.

      We’re a company that values emotional intelligence, learning and growth. We hire diverse, well-rounded and communicative people who want to build an inclusive software ecosystem as badly as we do.

      Perks for US based Employees:


      • Medical, Dental, Vision plan
      • Unlimited vacation
      • Flexible Equipment and Conference budget
      • Co-Working budget (we are a 100% Distributed Team)
      • Monthly Wellness Budget

      Non-US workers are welcome to apply for this role as contractors.