Requirements

Expected technologies

Google Cloud Platform

Our requirements

• Commercial experience in application security (risks, vulnerabilities, OWASP Top 10, mitigation techniques, penetration testing, etc.).
• Experience in software engineering, with the ability to introduce security improvements into applications.
• Good understanding of modern application security topics (OWASP ASVS/MASVS, SSDLC, DevSecOps).
• Experience with Cloud Security (GCP, K8s, AWS).
• Ability to collaborate across teams and communicate effectively with diverse stakeholders.
• At a minimum we require conversational level English language skills. Why? English is our company language and is used for any business-wide communications, so we need you to be able to speak English to feel like an integrated part of Booksy.

Optional

• Knowledge of modern architecture standards and their impact on security (microservices, IDP, OAuth, SAML, service mesh, etc.).
• Experience with web/mobile application engineering concepts (web servers, containers, SSL/TLS, WAF, Git).
• Familiarity with tools like Burpsuite, Semgrep, Lacework, and Nuclei.

Your responsibilities

• As a Senior Security Engineer (AppSec) reporting to the Head of Cybersecurity in our Security team, your purpose will be to ensure that the Booksy Application and its underlying infrastructure are designed securely, protected from attacks, and free from common vulnerabilities. You’ll work closely with product engineers to build security into our products and automate security-related activities, while also promoting security awareness throughout the company.