Exness Group was founded by a group of like-minded professionals in the area of finance and information technology in 2008. We are the broker of choice for every trader who demands high-quality services. Today we are 1000+ represented by more than 70 nationalities, continuously expanding our existing teams and creating new ones.
Our culture allows each employee to be the best version of themselves, constantly increasing their expertise. Our culture and values rely highly on Ethics & integrity + Smart scientific approach!
We are looking for an Application Security Engineer to join Exness Technology Department. You will identify existing and emerging security threats and protect Exness Group of Companies from them, maintain business continuity and regulatory compliance in respective areas.
What you will do:
- Work directly with the business units to facilitate building secure workflows, processes, systems and services.
- Maintain effective communication and coordination with Exness Technology teams in security-related areas.
- Ensure that information assets and technologies are properly protected, which includes the following:
- Development and implementation of practice-driven security controls to software development related processes.
- Development of data protection measures in product to prevent its loss and misuse.
- Software and system design review from a security perspective at all stages of software development lifecycle.
- Consult software development teams in a security area.
- Manage security incidents from products side, build reliable infrastructure for its investigation and forensics.
- Continuously develop security related processes in the software development area.
- Manage and develop security education programs for Software Engineers, Architects, Product Managers.
What you need to succeed:
- At least 3 years of practical experience in Application Security and overall 5 years of experience in the IT/Security area.
- Ability to leverage business communication skills to inform, convince, and educate software engineers to enable effective application security activities and processes.
- Deep knowledge of most common application level vulnerabilities, ways of exploitation and protective measures.
- Practical experience in web application security research.
- Hands-on experience with modern information protection systems, including open source products.
- Deep understanding of security aspects of virtualisation, containerisation and cloud services (AWS).
- Cryptography basics.
- Broad spectrum of technical knowledge in the following areas (the list is not exhaustive): Linux family, Docker, Kubernetes, AWS, Vault, git.
- Good knowledge of basic technologies and protocols (TLS, HTTP, Web Socket, DNS, OAuth2, OIDC etc.) and threats to them.
- Hands-on experience in development and/or automation.
- Fluent Russian and English language (Upper Intermediate or higher).
Would be an advantage:
- Project management experience
- OSWE/CCTAPP certifications are a plus.
- Security Operations Center or penetration testing experience.
- Digital forensics experience.
- Team management skills are a plus.
- Well developed soft skills are a plus.
- Medical insurance for employees.
- Coworking expenses compensation.
- “Get to know your Team” trip to Cyprus.
- Sports activities compensation.
- Extensive learning opportunities.
- Flexible public holidays.
- 100% pay of Annual leave.
- Professional Development.
*If you would like to learn about relocation opportunities to Cyprus, please contact the dedicated TA Specialist.
Your application will be reviewed further and you will receive an update in due course if you are shortlisted. Due to high volume of applicants, we are able to contact only shortlisted candidates at this point of time.