Job Details

Remote

Full-time

About the company

Bright Security is a rapidly growing global SaaS B2B company tackling some of the biggest challenges in Application Security. Brights enterprise-grade, dev-centric Dynamic Application Security Testing (DAST) platform provides comprehensive application testing from development to production and cloud, offering detailed vulnerability proof and remediation guidelines throughout the SDLC. Our solution accelerates issue awareness remediation from a 12-week average to same-day discovery.

About the product

Brights product is the first of its kind to integrate DAST testing into unit tests, integrating into CI/CD pipelines, and various educational programs designed for developers to adapt an early and often posture when it comes to testing for security vulnerabilities. With the Bright engines stellar technical and business logic, minimal false positives, and developer-centric design, there is no need for manual validation of security findings, removing costly and time consuming human bottlenecks that cripple rapid releases and drain dev teams limited security resources.

Sphere of operation: Application Security Testing

Position

We are seeking a talented and experienced Full Stack Engineer with a strong emphasis on backend development, a founder mindset, passionate about app security and web vulnerabilities to join our dynamic team. As a Full Stack Engineer, you will play a pivotal role in designing, implementing, and maintaining our solution. You will collaborate closely with cross-functional teams to deliver high-quality software solutions.

In this role you will be a part of our R&D Team and reporting to the engineering manager.

Key Responsibilities:

• Actively contributing new features to different components in our architecture, using various languages in our stack such as Node.js, Crystal, Go and Python
• Leading and designing solutions, including implementation of new attack vectors, improving current attacks true/false positive rates, and other new features (such as providing real-time health indicators on targets)
• Participating in research, conducting reviews and implementation process of new attack vectors
• Owning your code with multiple level of testing including unit, integration and E2E

Qualifications:

• Minimum 5 years experience software engineering with at least 2 years in a senior role
• Excellent collaboration and communication skills in English
• Deep understanding of engineering concepts such as asynchronous programming, OOP, event driven communication, Event sourcing, proxies, Indexing, etc.
• Experience both compiled languages and interpreted languages, and not being afraid to write in both paradigms
• Strong problem-solving skills and ability to troubleshoot and optimize code for performance
• Familiarity with CI/CD tools like GitHub actions / Jenkins, RESTful APIs and asynchronous request handling.
• Ability to adapt to evolving technologies and learn new skills quickly.
• Self-learner, strong can-do attitude and great interpersonal skills.
• High level of experience in data storage technologies like PostgreSQL, MongoDB, and Elastic search

Nice to have experience in

• App security experience, OWASP top 10 familiarity
• Experience with Docker, k8s, and configuration management tools.
• Knowledge of GraphQL and its implementation.
• Experience with testing frameworks such as Jest or Enzyme.
• Performance analysis and optimization techniques
• Contribution to open-source projects or a strong GitHub profile is a plus.
• Continuous delivery and other DevOps practices
• Performance analysis and optimization techniques
• Competitive compensation
• World-class security experts changing the world of application and API security. Do it with us.
• Ability to interact with some of the largest global organizations as prospects and customers
• A diverse and inclusive workplace. Bright is an equal-opportunity employer, and our team comprises individuals from diverse backgrounds, lifestyles, and locations.