Senior Security Engineer (AppSec)

*Please note this role is available to candidates based in Poland*

A career at Booksy means you’re part of a global team focused on helping people around the world feel great about themselves, every day. From empowering entrepreneurs to build successful businesses, to supporting their customers arrange 'me time' moments, we’re in the business of helping people thrive and feel fantastic.

Working in an ever-changing, scale-up where things are messy, and resources are limited isn't for everyone. If you thrive in a stable environment with big budgets, clear processes and structures then, if being honest, we’re probably not for you. However, if you love bringing order to chaos, inventively solving problems, and prioritizing your own path within ambiguity, then you're likely to love it here.

As a Senior Security Engineer (AppSec) reporting to the Head of Cybersecurity in our Security team, your purpose will be to ensure that the Booksy Application and its underlying infrastructure are designed securely, protected from attacks, and free from common vulnerabilities. You’ll work closely with product engineers to build security into our products and automate security-related activities, while also promoting security awareness throughout the company.

Essentially, to ensure you succeed in this role you’re going to need

• Commercial experience in application security (risks, vulnerabilities, OWASP Top 10, mitigation techniques, penetration testing, etc.).
• Experience in software engineering, with the ability to introduce security improvements into applications.
• Good understanding of modern application security topics (OWASP ASVS/MASVS, SSDLC, DevSecOps).
• Experience with Cloud Security (GCP, K8s, AWS).
• Ability to collaborate across teams and communicate effectively with diverse stakeholders.

At a minimum we require conversational level English language skills. Why? English is our company language and is used for any business-wide communications, so we need you to be able to speak English to feel like an integrated part of Booksy.

It will also help you to have…

• Knowledge of modern architecture standards and their impact on security (microservices, IDP, OAuth, SAML, service mesh, etc.).
• Experience with web/mobile application engineering concepts (web servers, containers, SSL/TLS, WAF, Git).
• Familiarity with tools like Burpsuite, Semgrep, Lacework, and Nuclei.

Benefits

• Fully remote position - We take pride in being a globally distributed team.
• Private medical care through Allianz Health (company-subsidized, with various packages to choose from)
• Multisport card (multiple options available).
• Additional life insurance from PZU.
• Online consultations with a Booksy Psychologist.
• Wellbeing tools (Worksmile and Officevibe).
• Happiness Team initiatives.

Our Diversity and Inclusion Commitment:

We work in a highly creative and diverse industry so it goes without saying that we strive to create an inclusive environment for all. We welcome people from all backgrounds and are committed to fair consideration in our hiring process. If you have any accessibility needs or require reasonable adjustments during the interview process, please contact us at [email protected], so we can best support you.

Originally posted on Himalayas