Senior Application Security Researcher
- Full-time
- City: Tel Aviv
- Department/Company: Security
Company Description
Wix makes it possible for anyone to succeed online. Since 2006, we’ve grown to around 5,500 employees in 22 countries, launched over 40 products, and serve over 243 million users and their visitors worldwide. At Wix, we push you to innovate, evolve in non-traditional ways, and collaborate. We operate in small teams that work closely together at a high level.
Although we’re already industry leaders in web creation and business, our work is nowhere near done. Our goal is to become the main engine of the Internet so we can create a more open web for all.
Job Description
Research, identify, evaluate and implement the best solutions for security in Wix’s production environment
Research, identify, evaluate and implement the best solutions for the platform code and services used by our developers
Work closely with development and system teams on all SDLC levels, performing security design reviews, threat modeling and penetration tests, while acting as a security mentor for developers
Investigate abnormal activity in production
Build creative tools and services to detect and solve cross-security issues
Qualifications
A Senior Application Security Researcher with 5+ years of hands-on experience in application security
Hands-on experience in security research with an offensive mindset
In-depth knowledge of web application vulnerabilities, their exploitation in the real world, and browser security mechanisms
A deep understanding of authentication and authorization protocols, and application security methodologies
Passionate about cutting-edge technologies
Excited by the idea of taking on lots of responsibility, you can work independently and be flexible
Open-minded self-learner who can see the big picture, analyze complex systems, identify potential failure points and find opportunities for big security wins
An advantage if you:
Published security research
Participated in bug bounty programs
Know Node/Java/Scala programming languages, or know your way around Docker containers and Kubernetes
Know your way around AWS and GCP environments, or cloud and microservice architectures
Additional Information
Wix’s Security Guild is a group of highly motivated Security Engineers that form part of the Wix R&D group. We allow Wix Developers and users to achieve their goals without risk, often meaning we find or create unique solutions. Our work is exceptionally challenging due to Wix’s scale, agility, and advanced technical diversity.
Wix’s Application Security is a group of highly motivated Security Engineers that form a part of the huge R&D group at Wix. Our job is to allow Wix developers and users to achieve their goals without risk, which often means we have to find or invent completely unique solutions.
We play an essential role in every area of Wix: design, innovation, SDLC, architecture, infra, dedicated tool/solution development.
When it comes to technology, we have the ultimate playground, and although we work closely together, there’s always space for independence, innovation and creativity for every team member.