monday.com
Hi, let's find you a remote job!
about 2 months ago
monday.com is looking for an application security researcher to research our platform for vulnerabilities, manage our bug bounty program, and work with R&D to enhance the security of our platform. The Application Security Team is based in our headquarters, Tel Aviv, Israel - you’ll be the first to join the team from London.
monday.com works hybrid with 3 days in the London office.
- Perform black, gray, and white box penetration testing on monday.com’s platform - both frontend and backend.
- Manage the bug bounty program, including hacker engagement and communication with the hacker community.
- End-to-end work on reported vulnerabilities as part of the bug bounty program.
- Provide guidance on security best practices to developers.
- Embed/improve security threat modeling and secure coding in the development lifecycle.
- Develop security abuse cases for testing as part of the software development lifecycle.
- Perform and oversee security testing and manage remediation of identified vulnerabilities.
- Monitor and proactively report on current threats and vulnerabilities to application security.
- Initiate and automate processes for detecting and monitoring the platform security.
- Scripting capabilities and automation mindset.
- At least 2 years of experience in web penetration-testing, blackbox and whitebox.
- In-depth knowledge of application security vulnerabilities, testing techniques, and the OWASP framework.
- Experience working with the hacker/pen-testing community.
- Team player able to and build relationships across the organization, also remotely.
- Understanding of secure web application development.
- Comprehensive knowledge of IT and information security subject matter.
- Exposure to methods of promoting security awareness.
- Strong communication (verbal/written) and influencing skills, with an ability to manage internal and external relationships.
- Anticipates problems and identifies long-term implications of decisions and actions.
- Ability to work and learn alone.
- Able to prioritize workload and drive work to set deadlines.
## LI-DNI
Application Security Researcher