Senior Software Developer - Security

Position Overview

Acronis is revolutionizing cyber protection by providing natively integrated, all-in-one solutions that monitor, control, and protect the data that businesses and lives depend on. We are looking for a Senior Software Developer to join our mission to create a #CyberFit future and protect all data, applications, and systems across any environment. This role is crucial in building and enhancing the security aspects of our Platform components and services, working with technologies like Go and Python.

Why This Role

• Impact: Your work will directly protect data and ensure business resilience for millions of users worldwide.
• Innovation: Collaborate with a forward-thinking team to design and optimize cloud services.
• Security-First Approach: Be at the forefront of secure software development, with a strong focus on application security.

Responsibilities

• Threat Modeling: Identify potential system compromises and necessary protections.
• Secure Software Development Lifecycle: Assist developers in writing secure code by implementing secure coding standards, techniques, and best practices.
• Security Code Reviews: Identify security vulnerabilities in source code before production deployment.
• Vulnerability Testing and Analysis: Discover weaknesses in deployed applications and advise development teams on remediation.
• Conduct security assessments for software components developed within the company.
• Participate in the development and implementation of the SDLC process.
• Conduct post-mortem reviews of application security bugs.
• Consult engineers on application security matters and train them on secure development practices.

Requirements

• 5+ years of experience in Application Security.
• Strong knowledge of modern web, mobile, and network security.
• Understanding of security models for Web/REST API, cloud, mobile, and desktop applications.
• Hands-on experience with security assessment tools and attack techniques.
• Proficiency in code assessments in Go and Python.
• Middle programming skills with Go or Python are required.
• Published security research, open-source tools, blog posts, or a proven history of participation in bug bounty programs are considered strong advantages.
• Upper-Intermediate English proficiency.

Interview Questions

Candidates should be prepared to:

• Read Python/Go code, resolve code issues, and identify vulnerabilities.
• Explain the Same Origin Policy.
• Discuss Cross-site scripting (XSS) contexts.
• Describe attacks like SQL injection, XXE, SSRF, or others, and suggest fixes and potential bypasses.
• Provide opinions on Local Privilege Escalation (LPE) from Admin to System user (Windows Security).
• Explain methods for counting possible compromised accounts.
• Share their favorite security field and areas for further learning.

Company Information

Acronis is a global cyber protection company. Founded in Singapore in 2003, Acronis is a Swiss company with over twenty years of innovation. We have 15 offices worldwide and more than 1800 employees in over 50 countries.

Acronis provides natively integrated cybersecurity, data protection, and endpoint management for managed service providers (MSPs), small and medium businesses (SMBs), enterprise IT departments, and home users. Our all-in-one solutions are highly efficient and designed to identify, prevent, detect, respond, remediate, and recover from modern cyber threats with minimal downtime, ensuring data integrity and business continuity. We offer the most comprehensive security solution on the market for MSPs, with a unique ability to meet the needs of diverse and distributed IT environments.

Employment Type

Full time

Location Type

• Information not provided.