Application Security Engineer

Tutu.ru is the largest travel service in Russia.

Overview

We are the information security department, and we protect all Tutu systems, infrastructure, and products from cyber threats. We're looking for an Information Security Specialist to join the Application Security team to ensure the security of our applications.

What you will do

• Improve the existing S-SDLC by integrating new security solutions and improving existing ones.
• Implement new S-SDLC processes.
• Participate in security checks and audits.
• Create tools that make security convenient for developers and others.
• Communicate with a large number of development teams as part of consultations and risk management.

Requirements

• Experience in implementing S-SDLC solutions and automating any Application Security processes.
• Experience in conducting security design reviews.
• Knowledge of the main vulnerabilities of web applications and ways to minimize risks.
• Readiness to communicate with teams and participate in processes as a Security Business Partner.
• Experience finding vulnerabilities in source code in Go, PHP, JS.

Nice to have

• Knowledge of vulnerabilities in mobile applications.

Culture & Benefits

• Full remote work is available, working from the office or visiting the office whenever you want.