Senior Application Security Engineer at Acronis

Singapore

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years)Experience Level

Full TimeJob Type

UnknownVisa

CybersecurityIndustries

Requirements

Understanding of security models of Web/REST API, cloud, mobile and desktop apps
Hands on experience with security assessment tools and attack techniques (beyond basic like inserting a quote in URLs)
Code assessments in programming languages Go, Python, Ruby, C/C++, JavaScript
Basic programming skills with Go, Python or another language
Strong communication skills
2+ years in Application Security
Strong knowledge of the modern web, mobile, and network security
Published security research, open source tools, blog posts, proven history of bug bounty programs participation (strong advantage)
Readiness to answer interview questions on: Same Origin Policy, Cross-site scripting contexts, attacks like SQL injection/XXE/SSRF (fixes and bypasses), LPE from Admin to System user (Windows Security), counting compromised accounts, writing simple exploit code

Responsibilities

Threat modeling: Think about how attackers can compromise a system and what protections are needed
Secure Software Development Lifecycle: Help developers write secure code by implementing secure coding standards, techniques, and best practices
Security code reviews: Identify security vulnerabilities in source code before deployment to production
Vulnerability testing and analysis: Discover weaknesses in deployed applications and advise on remediation
Conduct security assessments for company-developed software components
Validate external security reports and bug bounty submissions
Take part in SLDC process development and implementation
Conduct post-mortem reviews of application security bugs
Consult engineers on application security matters and train them on secure development practices
Work with responsible disclosure, find security bugs proactively, collaborate with development to improve processes, monitor attacks, and respond to them
Create novel solutions to detect and advanced approaches to protect applications

Skills

Key technologies and capabilities for this role

Threat ModelingSecure Software Development LifecycleSecurity Code ReviewsVulnerability TestingSecurity AssessmentsBug BountySDLCSecure Coding Practices

Questions & Answers

Common questions about this position

What is the salary for the Senior Application Security Engineer position?

This information is not specified in the job description.

Is this a remote position or what is the location requirement?

This information is not specified in the job description.

What skills and experience are required for this role?

Candidates need 2+ years in Application Security, understanding of security models for Web/REST API, cloud, mobile and desktop apps, hands-on experience with security assessment tools and attack techniques, and code assessments in Go, Python, Ruby, C/C++, JavaScript. Basic programming skills with Go, Python or another language and strong communication skills are also required.

What does the application security team do at Acronis?

The application security team works to make Acronis applications more secure against threats by conducting threat modeling, secure code reviews, vulnerability testing, security assessments, and consulting engineers on secure practices. They collaborate with development teams to improve processes and respond to attacks.

What makes a strong candidate for this position?

Strong candidates have published security research, open source tools, blog posts, or proven history in bug bounty programs. Be prepared to answer interview questions on topics like Same Origin Policy, Cross-site scripting, SQL injection, XXE, SSRF, and Windows LPE.

Acronis

Data protection and cybersecurity solutions provider

About Acronis

Acronis provides a range of solutions that combine data protection and cybersecurity to address various challenges related to safety, accessibility, privacy, authenticity, and security. Their products include antivirus software, backup services, disaster recovery options, and endpoint protection management. Acronis also utilizes AI-based antimalware and blockchain technology for data authentication, ensuring that data, applications, and systems are protected in any environment. What sets Acronis apart from its competitors is its comprehensive approach to cyber protection, which integrates multiple aspects of data security into a single platform. The company's goal is to ensure that users can trust their data is safe and accessible, while also maintaining privacy and authenticity.

Schaffhausen, SwitzerlandHeadquarters

2003Year Founded

$640.1MTotal Funding

GROWTH_EQUITY_VCCompany Stage

Cybersecurity, AI & Machine LearningIndustries

1,001-5,000Employees

Benefits

Medical, dental, &vision insurance plans

Life Insurance, STD and LTD policies

401(k) retirement plan and company match

Corporate rates and discounts

Competitive package

Flexible working hours

3+ weeks of PTO and 10 paid holidays

Smart casual dress code

Free snacks and drinks

Office social events

Risks

Emerging cybersecurity firms with lower costs may erode Acronis's market share.

Rapid AI-driven cyber threats require costly updates to Acronis's defenses.

Geopolitical risks may affect Acronis's expansion into new markets like Bangladesh.

Differentiation

Acronis integrates cybersecurity and data protection, addressing SAPAS challenges comprehensively.

The company uses AI-based antimalware and blockchain for advanced data authentication.

Acronis offers flexible deployment models for service providers and IT professionals.

Upsides

Growing demand for integrated cybersecurity solutions boosts Acronis's market potential.

Expansion of global cybersecurity market offers significant growth opportunities for Acronis.

Acronis's partnerships in sports highlight niche market opportunities.

Land your dream remote job 3x faster with AI

Try Jobo Free