Product Security Engineer

仕事内容

As part of the security team at Eureka, our product security engineer will be responsible for improving the security posture of our applications to help us deliver the best and most secure dating experience to our customers.

Our ideal candidate is someone who is comfortable with programming and for whom security is a passion. Our ideal candidate is also a problem solver, loves to learn and share their knowledge with others.

Your day-to-day activities will be to help the security team onboard and improve our defined secure development lifecycle, taking ownership of security architecture reviews of existing and upcoming projects, performing penetration testing of our public and internal applications, and driving our vulnerability management process, while representing the values of our company.

【Responsibilities】
・As part of the security team, help improve the security posture of the company by following defined yearly security objectives.
・Contribute to the security team success by providing ideas and improvements for the security practice and sharing your knowledge with security team members.
・Security architecture review of existing and upcoming projects.
・Create/onboard tools to help engineers write more secure code.
・Perform penetration tests of public and internal applications, report and find solutions to remediate vulnerabilities found.
・Maintain our bug bounty program and vulnerability management program.
・Teach security best practices to our employees and lead by example.

応募資格

◆Qualifications
・1+ years of experience as a security engineer/software developer
・Must have experience with mobile application and web development (such as Swift, Kotlin, Golang, TypeScript, Java)
・Must have experience with finding OWASP TOP 10 vulnerabilities
・Comfortable with advising on remediation for application security vulnerabilities
・Hands-on experience with web application vulnerability scanners (For example: Tenable, Qualys, AWS Inspector, ZAP)
・Experience with implementing CI/CD security (SAST, DAST, Static Analysis, security-as-code, policy-as-code)
・Cloud security experience (AWS, GCP preferred)
・Able to communicate effectively in Japanese

◆Preferred Qualifications
・Hands-on experience with Burp Suite
・Contributions to the community (open source contributions, papers, blogs, linkedin, others)
Project management experience
・Any relevant certifications

But more importantly, a passion for cybersecurity, a drive to learn and to share your knowledge!

Note: We will consider applicants of any skill level, if you believe you are a good fit for the position, do not hesitate to apply!

その他要項

雇用形態

正社員(試用期間:3ヶ月)

給与

6,000,000円〜12,000,000円 (基本給+45時間分みなし残業代+賞与/経験・能力を考慮の上、当社規定により決定いたします)

勤務時間

フレックスタイム制(コアタイム 11:00〜17:00)

休日・休暇

年間休日:131日(2019年実績)

  • 土日、祝日夏期、冬期休暇実績(2019年:夏季9日/冬季10日、2018年:夏期9日/冬期10日)
  • 完全週休2日制/土日祝休み
  • 有給休暇
  • 特別休暇(誕生日休暇、アニバーサリー休暇など)
  • 産前産後/育児休暇、生理休暇
  • 昇給:半期に1回上長との定期面談があり、その際に昇給を決定いたします
  • 賞与:年に1回、業績貢献度に応じて支給いたします

勤務地

〒108-0073 東京都港区三田1-4-1 住友不動産麻布十番ビル4F
都営大江戸線 赤羽橋駅 徒歩4分、東京メトロ南北線 麻布十番駅 徒歩6分

その他待遇

  • 交通費全額支給
  • 自己研鑽手当1万円/月(全正社員対象)
  • 住宅手当有り:オフィスから3km圏内に住んでいる場合は3万円/月、配偶者有りの場合は5万円/月(パートナーシップも対象)
  • 各種社会保険完備(関東ITソフトウェア健康保険組合)
  • 海外カンファレンス参加費/渡航費補助
  • ソフトウェア、書籍購入補助
  • オンライン英会話学習補助
  • セミナー/カンファレンス参加費補助
  • PC(Mac)、マウス、キーボード、ディスプレイを選べる制度
  • 高級チェア利用可能(オカムラのシルフィー)
  • 社員旅行、各種交流イベント多数実施