About Malwarebytes:
Malwarebytes believes that when people and organizations are free from threats, they are free to thrive. Founded in 2008, CEO Marcin Kleczynski had one mission: to rid the world of malware. Today, Malwarebytes has grown beyond malware remediation to ensuring cyberprotection for everyone, providing device protection, privacy, and prevention solutions in the home, on-the-go, at work, or on campus.
Job Title:
Application Security Engineer
About the Role:
We're looking for a motivated and experienced security professional to join our small but growing security team. As an Application Security Engineer, you will be responsible for improving the security of our products. You will assist in the development of security processes and automated tooling that prevent classes of security issues, perform security-focused code reviews with external firms, support product and development teams in application security, and more.
Key Responsibilities:
1. Develop and implement security processes and automated tooling to prevent security issues.
2. Collaborate with external firms on security-focused code reviews.
3. Support product and development teams in application security, including threat modeling and design reviews.
4. Assist in reproducing, triaging, and addressing application security vulnerabilities.
5. Support our bug bounty program.
6. Educate teams on security best practices and promote secure development habits.
Requirements:
* Familiarity with GitHub and GitHub Actions.
* Development skills on Android/iOS platforms, including mobile app code reviews and analysis.
* Experience in code review and security analysis of desktop applications.
* Hands-on experience with cloud-based technologies (AWS, AZURE, GCP).
* Excellent communication skills and ability to articulate complex topics.
* Able to adapt to an entrepreneurial organization and solve problems quickly and collaboratively.
* Self-motivated and able to work independently with minimal supervision.
Preferrable Qualifications:
* Advanced knowledge of Windows and/or macOS.
* Digital forensics expertise and knowledge of security architecture, system administration, and networking.
* Certifications in CISSP, CEH, GIAC Reverse Engineering Malware (GREM), or similar.