Brands

Renowned WordPress Product Company With 6 M+ users

AI-powered Remote Hiring SaaS platform

Promising Shopify Product & App Company

Next-Gen WordPress Cloud Hosting & Server Management

WordPress Cloud Collaboration & Templates Library

WordPress

Most Popular Elementor Widgets Library

Finest Knowledge Base Plugin

Advanced WordPress Embedding Solution

Best Gutenberg Blocks Plugin

FOMO & Social Proof Marketing Plugin

All-In-One Link Management Tool

Cloud WordPress Templates Library

Leading Content Management Plugin

One-Click Elementor Payment Solution

Shopify

Ultimate Shopify SEO App

Advanced Documentation App

Best App For Review Collection

App To Create Advanced FAQs

SaaS Products

Advanced Remote Hiring Solution

Next-Gen WordPress Hosting Tool

Startise

Startise This company has been verified by this domain - startise.com

Dhaka, Bangladesh

Job Title
Application Security Engineer
Vacancies
2
Salary
30000 - 40000 BDT Monthly
Location
Mirpur DOHS, Bangladesh
Job Type
Permanent On-site
Deadline
30 June, 2024
Apply now

Company Description

Startise is a beacon of innovation and the dynamic parent company of WPDeveloper and many other subsidiaries. With a diverse portfolio of brands, we are committed to evolving and fostering excellence to help millions globally in their pursuit of growth and success across a wide range of ventures. 

We strongly believe ‘good for the business’ should also mean ‘good for the customers’ and our brands are enhancing the experiences of over 6 million users in unique ways across the web and beyond, leveraging the strengths of our wide and specialized portfolio.

Skills
  • Security
  • SQA

Description

Startise is looking for an Application Security Engineer who has a deep personal interest in web application security and who can help us validate vulnerability reports and perform code-reviews on PHP and Javascript based applications. This is a crucial role to secure applications used by 6 million plus users globally. Most importantly, we're looking for a full-time team member who is an excellent communicator and who can grow with the rest of the team.

 

Requirements:

  • Proven experience as an application security engineer or similar role
  • A solid understanding of WordPress and its ecosystem is required
  • A solid understanding of core PHP & JS, OOP and MySQL is required
  • Strong understanding of Bash Scripting, Linux system administration, network security principles and protocols is required
  • A solid understanding of how browsers, the web and HTTP works
  • Hands-on experience with security testing tools like BurpSuite, OWASP ZAP, or Metasploit is required
  • Deep understanding of web application security concepts and common vulnerabilities (OWASP Top 10, CVSS Scoring, CVE) is required
  • Effective communication skills, with the ability to convey complex security concepts to technical and non-technical team members

 

Would be helpful:

  • Regular attendance in CTF competitions will help identify a good candidate
  • Active participation in bug bounty programs, demonstrating practical skills in identifying and resolving security vulnerabilities
  • Having industry certifications is a plus
  • Previous vulnerability research and findings, preferably CVE IDs assigned under your name
Job Responsibilities

Day-to-day tasks include:

  • Regularly perform security code reviews and penetration tests against PHP based applications (Mostly WordPress)
  • Perform black-box penetration tests on SaaS solutions (Laravel, NodeJS)
  • Review and analyze code for security vulnerabilities, including static and dynamic analysis
  • Validate vulnerability reports from renowned security vendors such as Patchstack, WordFence, etc
  • Collaborate with development teams to prioritize and remediate security issues
  • Monitor and respond to security incidents, including conducting root cause analysis
  • Perform functional and non-functional testing
  • Provide suggestions and recommendations for secure application design
  • Stay updated on the latest security threats, vulnerabilities, and industry best practices
Life at Startise
Startise
Startise
Startise
Startise
Startise