boostsecurity.io is developing a modern security stack for the modern development teams. Our solution integrates directly into SCM's such as Github/Bitbucket/Gitlab, and scans for security vulnerabilities that cover many areas related to infrastructure as code (e.g. terraform), secure coding practices (OWASP Top 10, SANS 25, etc.), and much more...
As a Software Engineer in Security, you will be responsible for participating in the full lifecycle of the development of our (still stealth) security product.
This includes collaboration with helping define and refining product use cases, documenting technical solutions, writing, testing, and deploying code.
You will also be able to explore other software engineering and product management opportunities as they arise.
A significant portion of your time will be devoted to writing & testing security rules on real world code bases using a multitude of scanning engines.
Your day to day responsibilities will be to:
- Evaluate and integrate new security scans, and modify/tune existing ones
- Implement metrics for the effectiveness of security scans, from both an operational and customer perspective
- Developer security engines/rules for Kubernetes, cloudformation, golang, java, ruby, and other languages and platforms as the need arises.
If you have an interest in programming & cybersecurity, and want to get first hand experience at working at a startup with a very experienced team in this space - this may be the opportunity for you !
Qualifications: Strong programming background, preferably in Python - but other languages will also be considered. Strong interest in learning cybersecurity.
Desired skills: Python, Linux, git