Security Engineer at Dream Dinners La Mesa

Shanghai, Shanghai, China -

Full Time

Start Date

Immediate

Expiry Date

26 May, 26

Salary

0.0

Posted On

25 Feb, 26

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Security Engineering, Threat Modeling, Risk Assessment, Code Reviews, Vulnerability Management, CI/CD Pipeline, Penetration Testing, Web Application Security, SAST, DAST, Fuzzing, Infrastructure Security, WAF, RASP, Ruby on Rails, NodeJS

Industry

Software Development

Description

Workstream is a mission-driven company building the all-in-one HR, payroll, and hiring platform for managing the hourly workforce. There are 2.7 billion hourly workers, making up 80% of the global workforce, but this market has been heavily underserved by technology and deserves better. Workstream has been purpose-built for the hourly workforce from day one so that these businesses and their employees can thrive. Our customers include leading brands from multiple sectors, including Burger King, Carl's Jr./Hardee's, IHOP, KFC, and Culvers. We are a high growth series B company and quickly expanding our product portfolio to deliver on our vision. We are backed by legendary VCs and industry experts like Founders Fund, BOND, and Coatue. WHAT YOU’LL ACHIEVE: Provide security guidance to Engineering and Product teams. Build threat models and conduct risk assessments for new features and services. Perform design and code reviews (lots of them!). Identify, triage, resolve, and manage security vulnerabilities identified in Workstream products. Build libraries and tools to make software built and deployed at Workstream secure by default. Make security an integral part of our CI/CD pipeline. Perform internal penetration tests and participate in blue team exercises. WHAT YOU’LL NEED TO BE SUCCESSFUL: 4+ years of security experience. 4+ years of software development experience. Strong understanding of Web application security, including hands-on exploitation skills coupled with defensive skills. Familiarity with secure development practices and security testing techniques (SAST, DAST, fuzzing, etc.). Familiarity with infrastructure and systems security domains. Familiarity with web application security defense techniques and technologies (WAF, RASP, sanitization/validation, etc. Familiarity with microservices architectures, platforms, and 12-factor design Familiarity with relevant technologies (listed below) Strong understanding of Ruby on Rails or NodeJS. Knowledge of mobile development, such as Flutter and React Native will be nice to have. Modest ability to build tools and automation in Python or other languages. Ability to explain complex security issues and their impact to diverse audiences. Be a fast learner and have experience partnering with cross-functional teams. BA/BS in Computer Science or similar technical degree or equivalent experience. RELEVANT TECHNOLOGIES: Must have: Web: Frameworks: Ruby on Rails, NodeJS, ReactJS. Web protocol standards (REST, RPC, SOAP) Infrastructure: Container and container infrastructure (e.g. Docker, container, k8s) Cloud technology (e.g. AWS, Azure) Unix/Linux Nice to have: Flutter, React Native. Modest competency in common scripting and automation languages (Python, Ruby, Golang, etc.) What We Offer: A mission-driven and value-based company dedicated to empower deskless workers and local businesses An early employee opportunity at a Series B hyper-growth startup; work with the founding team and industry veterans to accelerate your career Competitive salary and equity Learning/development stipend Unlimited PTO Hybrid Office/WFH schedule Know More About Workstream https://www.workstream.us/blog/funding-series-b https://techcrunch.com/2021/08/26/workstreams-text-based-recruitment-tool-gets-a-48m-bet-from-bond-and-beyond/ https://techbuzz.news/buzzworthy-august-27-2021/ Additional Information Workstream provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. We are committed to the full inclusion of all qualified individuals.

How To Apply:

Incase you would like to apply to this job directly from the source, please click here

Responsibilities

The role involves providing security guidance to Engineering and Product teams, building threat models, and conducting risk assessments for new features and services. Responsibilities also include performing design and code reviews, identifying and resolving security vulnerabilities, and building tools to ensure secure software development by default.