Software Security Engineer
QuintoAndar is a technology company that enables a seamless rental experience from discovery to closing. Through the intensive use of technology and design, we are redesigning the entire rental process, from one end to the other, to allow the kind of customer experience that we wish for ourselves. As a result, we are creating a new business model that is unique in the whole world and that will revolutionize the real estate industry.Technology and design are core components of our DNA. Our team works very very hard, with cutting edge technology and design practices, to invent web and mobile tools that are first of their kinds in the whole world.
🔹Meet the team: Software Engineering🔹
At QuintoAndar you will:
- Work with a top-notch team that uses the best practices and best tools.
- Learn a lot.
- Be part of a high-impact project that will affect many people's lives.
- Have autonomy to make decisions with no endless meetings or bikeshedding.
- Work in an informal environment and horizontal hierarchy.
Software Security Engineer responsibilities at QuintoAndar:
We are hiring a Security Engineer to work in our growing Security team. You will monitor our networks, servers and applications for security issues, implement security software, and document and fix any security issues or breaches you find. To do well in this role you should have experience in the information security field.
- Monitor networks and applications for security issues.
- Investigate security breaches and other cyber security incidents.
- Perform penetration testing.
- Fix detected vulnerabilities to maintain a high-security standard.
- Manage network and web applications vulnerabilities.
- Report and manage an action plan to fix vulnerabilities.
- Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
- Document security breaches and assess the damage they cause.
- Work with security team to perform tests and uncover network and applications vulnerabilities.
- Stay current on tech security trends and news.
- Develop company-wide best practices for tech security.
- Help colleagues install security software and understand information security management.
- Research security enhancements and make recommendations to management.
- Stay up-to-date on information technology trends and security standards.
Language and location
We are a Portuguese speaking company. This is written in English because 1) we value diversity and thus welcome foreign candidates, and 2) if you are Brazilian you need to be fluent in English in order to learn the most from the rest of the world.
Our office is in Sao Paulo, at Av Paulista, near 'metrô Consolação'.
About our selection process:
It usually takes around 20 days (from your applying to the end) and follows this steps:
1. Application Screening
2. Phone interview with Recruiters
3. Interview with Engineering Team + Reference Check
Important: Our recruitment process starts at the application form! If you really wish be a part of our team, endeavor to do well at this stage of the process. We analyze all the candidates individually. Yes, we do read all applications and we’ll reply even to those who won't follow the process.
You may apply if you:
- Have experience in information security or related field.
- Have experience with computer network and application penetration testing and techniques.
- Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
- Ability to identify and mitigate network and applications vulnerabilities and explain how to avoid them.
- Have a strong understanding in specific technical areas within Application Security (i.e., SAST, DAST, Secure SDLC).
- Proven experience with SAST and DAST tools.
- Good understanding of web application vulnerabilities, specifically OWASP top 10, and how to recommend mitigating these vulnerabilities.
We might like you even better if you have:
- Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact.
- Experience conducting secure code reviews.
- Experience conducting Software Penetration Testing.
- Experience conducting Threat Modeling.
Working here is cool AND you get the following:
- Competitive salary package;
- Meal allowance ("ticket refeição and/or ticket alimentação");
- Fuel or public transportation allowance;
- Good health plan;
- Dental plan;
- Life insurance;
- Children Allowance (Daycare);
- Subsidy to sports practicing (Gympass);
- This position offers relocation package for people who would have to move to Sao Paulo;
- Free beer every Friday;
- Very fun, collaborative, and fast-paced work environment - full of smart and ambitious people (know more in this video).
We are a company that values diversity and inclusion. All our current openings are to people with disabilities. If you are PWD and want to join us, register your CV in our resume database for future positions by clicking here.