Description

Job Title: Applications Security Engineer

As the Sr. Application Security Engineer at Syncro, you will be responsible for owning the security posture across the organization alongside the CTO and Sr. Manager of Infrastructure.  You will drive application security across our infrastructure and help make Syncro’s applications as secure as possible. You will assist with compliance activities and help ensure the whole company is knowledgeable about security best practices.

You will be working 100% remotely.

What You’ll Be Doing:

• Improve, develop and implement information security policies and procedures
• Manage application security, including secure coding practices, vulnerability management, and penetration testing
• Lead and/or collaborate on fixing identified vulnerabilities within the Syncro code base
• Conduct security audits and risk assessments
• Participate in compliance activities such as SOC 2 audit and HIPAA Compliance
• Investigate security incidents and breaches
• Train employees on information security best practices
• Implementing strong IAM policies, rotating access keys, enforcing MFA, and leveraging IAM roles to minimize security risks.
• Configuring secure VPCs, security groups, and NACLs to control network traffic and protect against unauthorized access.
• Implementing encryption strategies for data at rest and in transit, and ensuring regular backups to safeguard critical data.
• Utilizing a SIEM and/or logging to monitor and detect potential threats.
• Conducting regular security assessments, applying security patches, and maintaining an effective incident response plan.

Must have skills:

• Strong understanding of information security principles and practices
• Experience in developing and implementing information security policies and procedures
• Hands on experience managing application security across multiple engineering teams
• Experience managing bug bounty programs
• Managed vulnerability management programs and reducing vulnerabilities across software stack
• Participated in compliance audits such as SOC 2, HIPAA, etc
• Experience in investigating security incidents and breaches
• Experience with application security testing tools (SAST and DAST).
• Proficiency in using SAST and DAST tools to identify and mitigate vulnerabilities.
• Experience with at least one Object Oriented programming languages / frameworks such as Java, C#, Golang, Ruby on Rails, Php Symfony, etc
• A solid understanding of Azure security and best practices.

Nice to haves:

• Experience training employees on information security best practices
• A strong grasp of fundamental Kubernetes components such as pods, services, deployments, and namespaces.
• Experience in conducting security audits and risk assessments
• Experience with WAF and DDoS protection such as Cloudflare, to enhance the overall security posture of web applications.
• Managed compliance audits such as SOC 2, HIPAA, etc
• CISSP (Certified Information Systems Security Professional)
• Certified Kubernetes Security Specialist (CKS)
• Certified Kubernetes Administrator (CKA)

Interview Process: At Syncro we believe in transparency and providing candidates with as much information as possible so you can make an informed decision during your job search. Below are the steps of the interview process you can expect:

• Initial Zoom call with HR
• Zoom call with Hiring Manager (CTO)
• Technical panel with engineers
• Zoom call with Engineering Leaders

Company Details: If you’re curious about learning more about Syncro, read on and visit the links below.

Syncro is a B2B SaaS company with a highly collaborative and creative team serving the Managed Services Provider (MSP) industry. Picture an MSP as a company’s outsourced IT department – our platform empowers them with the tools and automation they need to run their businesses and supercharge their client services.  Our goal is to empower our customers (we call them partners) to thrive through operational excellence. We’re all about making it happen together!

Before you apply: Here is an interview Q&A for you: Click here

NOTE: Here is why some companies may not hire you.

Hey! Boost your skills/chances of getting hired faster. Take short AI courses for FREE – Click HERE 

Hey!! Thinking of getting MTN Fibre Broadband? Watch this first! Click here