What you'll have here:
  • In-house products: Working on products that we use every day and have millions of users. Some of them are your friends, neighbors, family members. We are our own clients. Our opinions and experiences are directly shaping the products that we design and create. 
  • People: You will work with experts, community leaders and senior engineers who made these products from scratch. They will reveal to you how the whiteboard idea turns into a worldwide platform.
  • Internal learning sessions and innovation challenges: We are an innovation center primarily and you can be part of initiatives, research and focus groups… and don’t miss to take a place in innovation challenges and hackathons.
  • Tech stack: We are tech agnostic and programming languages are just a tool, but they can make our job easier if we choose the right tool for the job.
  • Engineering mindset: We are engineering our solutions from ground up using open-source tools and customizing them to our needs. We worry about performance, we analyze and observe our system. We are not throwing money at the problem, we actually care if things could be more optimal.
  • Career growth: We strongly believe in feedback culture and development plans.
  • Community: You wanna share your knowledge with the community? We are organizing meetups (DevOps Talk Belgrade) and internal workshops. You are more than welcome to participate. If you are not a great speaker, that is also fine.
Your Responsibilities:
  • Review logs and other metrics for signs of cyber threats or attacks and escalate to engineering and development teams. 
  • Constantly influence engineering teams to prevent, resolve and mitigate risks, vulnerabilities, and threats. 
  • Write policies, procedures, standards, guidelines, and other technical documentation and about the proper implementation of application security program elements. 
  • Defines and develops security requirements using risk assessments, threat modeling, security testing, and analysis of existing systems.
  • Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
What we're looking for:
  • Passion about internet security issues and the threat landscape for popular software & services with the ability and desire to root-cause, mitigate, and explore deeper. 
  • A data-driven and quantitative mentality--you excel in supporting ideas with available evidence.
  • Operations experience with CI/CD development or managing distributed systems. 
  • Web service assessment experience with authentication controls, session management, access controls, logic flaws, injection vulnerabilities, request smuggling, cloud privilege escalation, DOS attacks.
  • Exposure to vulnerabilities related to API security, Container, Micro Services. 
  • Develops dashboards, reports and analytics delivering insights into security risks and threats
  • Identifies new solutions and enhances existing open source and bespoke visualization toolsets to identify trends, compress event triage, understand data flows, identify anomalies, and automate reporting and analysis
What you'll have here:
  • Hybrid working environment – work from home or from our cozy offices (New Belgrade and city center hub)/Kragujevac hub. 
  • Private healthcare. 
  • Christmas bonus. 
  • Gifts for your special days. 
  • “Healthy” Friday – not always healthy snacks on Fridays. 
  • 25 vacation days. 
  • Growing International team.