Application Security Engineer
Yoco
This job is no longer accepting applications
See open jobs at Yoco.See open jobs similar to "Application Security Engineer" Quona Capital.Cape Town, South Africa
Posted on Saturday, October 7, 2023
Who We AreYoco was founded in 2015 and now processes over US$2 billion annually. We’re the payments provider for over 200 000 self-employed, and opening commerce for all. We’re breaking down barriers and unlocking economic opportunities that enable people to thrive.We have over 350 team members globally, operating across international markets, all with a bias for boldness, and a passion for simple, progressive solutions. We believe in uniting different people to solve hard problems together.Our mission of making society more equal takes a variety of people, with different backgrounds and points of view, so we can keep building solutions that work for and include everyone.Yoco is growing, and as we grow we have compelling challenges ahead of us.Growing means we’re enabling more self-employed people and businesses to thrive every day. It also means that ambitious problem-solvers with big ideas are challenged, stimulated and will thrive at Yoco.We don’t stop pushing, we break things to rebuild, we challenge ourselves and each other. We’re constantly evolving — and we’re doing it fast.Grow With Us.
About The Security TeamThe security team at Yoco forms part of our rapidly growing Cloud Engineering & ICT function and is responsible for infrastructure, cloud, platform, application and security operations. Working closely with the DevOps team, other foundation teams, our IT team and product delivery teams ensure that our external, internal systems and APIs are following best practices when it comes to security and remain secure. Similarly to the other teams which make up the function, one of the Security team’s key goals is to enable and contribute to a solid foundation on which all our products and services can be built upon. The teams strive to not be blockers and provide as much autonomy as possible to the areas they support and work alongside.
About The RoleThe Application Security Engineer role is a technical position primarily tasked with managing our Application Security Posture. It is critical to the long-term success of Yoco in enabling people to make payments across our market segments in a secure manner. Our users trust us with some of their most sensitive information, and Yoco takes customer security as a priority.AppSec Engineers are responsible for the continuous assessment of our systems, and recommend or provide solutions to address current and future threats relating to our application security. Importantly, this role will engage closely with the teams within our engineering environment and make recommendations on security controls, frameworks, tooling and secure coding best practice.Security concerns are ever-evolving, making the security team an extremely dynamic environment to work in.
What You Will Be Doing
- You'll be helping to develop new features as well as securing existing ones
- Secure and harden our external and internal facing applications
- Review and make recommendations on areas not limited to but including secrets management, encryption, customer security and CI/CD pipelines
- Work closely with third-party security and auditing firms and help implement and recommend security controls to the rest of engineering
- Perform product security reviews on existing and new features being built by Yoco
- Ensure identified security risks are remediated in line with internal SLA and industry best practice
- Assist with improving the overall security posture of Yoco
- At least 2 years of full-time offensive security experience
- Experience with offensive security techniques and knowledge of how to defend against them
- Experience with threat modelling, secure coding, authentication, cryptography and network security
- Strong communication and teamwork skills, you should be able to guide others in the engineering organisation through security best practices and exercises
- A keen interest in application security and an understanding of how application security vectors can translate to monetary loss
- Experience with CI/CD tooling & dependency management as it relates to security
- OSCP
This job is no longer accepting applications
See open jobs at Yoco.See open jobs similar to "Application Security Engineer" Quona Capital.