About the Team

The team is missioned to build infrastructures, platforms and technologies, as well as to support cross-functional teams to protect our users, products and infrastructures. In this team you'll have a unique opportunity to have first-hand exposure to the strategy of the company in key security initiatives, especially in building scalable and secure-by-design systems and solutions. Our challenges are not your regular day-to-day technical problems; you'll be part of a team that's developing new solutions to new challenges of a kind not previously addressed by big tech. It's working fast, at scale, and we're making a difference.

Responsibilities

• Perform penetrations tests and security assessments to identify vulnerabilities and business-logic failures in core product ecosystems.
• Design and develop security tooling to identify vulnerabilities and optimise the product security review process.
• Perform architecture and design reviews to ensure that our applications are implemented to the highest security and privacy standards, thus maintaining and enhancing user trust.
• Work closely with software engineering teams to provide security guidance and co-design complex production systems.
• Assess vulnerability impact by creating exploits for n-day vulnerabilities and performing variant analysis across our codebases.

Minimum Qualifications

• Bachelor's Degree or above in Computer Science or related specialization.
• Hands-on security engineering experience such as penetration testing, source code review, design review, threat modeling, security mitigation development, or security tooling development.
• Strong ability to communicate and collaborate with business partners.
• Solid experience in writing and reviewing code in at least two of the following programming languages: Kotlin, Swift, TypeScript, Go, or Python.
• Advanced knowledge and understanding in various disciplines: web application security, mobile app security, network security, operating system internals and hardening, applied cryptography, cloud computing. You're expected to be an expert in at least one of these areas.
• Strong problem-solving skills and excellent debugging / troubleshooting skills.

Preferred Qualifications

• CTF players, live competitions and hacking events experience.
• CVEs such as remote code execution are preferred.
• Bug Bounty experience with reputable statistics in Hacker One, Bug Crowd etc.