Application Security Engineer
At resin.io, we work on the bleeding edge of Linux containers, bringing their benefits to small connected devices across a range use cases. We have built a set of services that make it easy for developers to build, deploy and manage code that runs in drones, 3D printers, tidal turbines and more.
Security is paramount for an IoT platform, touching everything from our cloud services to the operating system running on every single device. We're hiring a security engineer to help us ensure our code delivery pipeline is secure, the risks are well understood, and build a platform that our customers can trust.
What you will work on
- Analyse the system and contribute to threat modeling. Help understand risks and define adequate mitigation
- Develop best security practices for our internal processes
- Identify and fix security vulnerabilities in the platform with audits, penetration testing and other means
- Define a bounty program to incentivise security researchers to find and report problems
- Take part in architecture decisions to ensure security invariants are held
- Apply the principle of least privilege across the organisation
REQUIREMENTS
- Excellent understanding of encryption, signing, authentication schemes and protocols. Knowledge of the crypto algorithms themselves not required but is a plus
- Good technical knowldege of TLS, PKI
- Experience with Linux security, permission system, namespaces
- Understanding of token, certificate, JWT, and OAuth authentication
- Good knowledge of common web application vulnerabilities (OWASP)
- Fluent in English
- Proficiency in at least one of node.js, Python, Golang, or Rust
- Professional experience as a security engineer for at least 3 years
BENEFITS
- Work with talented, diverse team
- Equipment of your choice
- Remote-friendly
- Flexible working hours
- Flexible vacation policy
- Annual company gathering in an international location
ABOUT RESIN.IO
Resin.io is bringing DevOps to IoT!
We help organizations deploy software to remote devices for use in far-ranging scenarios, from smart locks, to drones, to wind turbines and more.
We are a passionate team of software, hardware and business nerds hailing from 9 countries and 4 continents, bringing together experts with experience in the diverse disciplines required to bridge the gap between the cloud and devices.
If you take pride in your work, are passionate about new technologies and enjoy solving difficult technical problems, then come join us as we help shape the future of IoT!
We feel the ability to communicate well is a vital part of the skillset of anyone working for us, so we value your ability to put across difficult technical ideas enormously - if you can live patch the linux kernel while explaining what you did clearly to a classroom of kindergarten kids we want to hear from you!
Resin is an equal opportunity employer. We welcome people of any gender, orientation, religion, ethnicity, culture and do not discriminate based on disability. Come join our growing team today and become part of a culture that genuinely cares about your personal and career growth!
Desired Skills
Contact Info
- Company Website: https://resin.io/
