QbDVision is a modern software company that is defining and building a new category of software within the pharma and biotech industry. Our goal, help organizations swiftly and efficiently deliver the next generation of breakthrough therapies to patients.
As a fast-growing startup, you’ll be collaborating with a diverse collective of dreamers, thinkers, doers on a mission to reshape the way our clients create and deliver life-changing therapies. Our group of talented and highly-motivated people are located all over the world and strive toward every goal with an unflinching commitment to succeeding together. Here, you’ll be working with some of the largest pharma and biotech companies in the world, who are pushing the boundaries of therapeutic innovation. And together, we can make an impact.
We are a people-first organization, focused on building strong teams and creating an exceptional environment for our employees. A remote-first company, that understands that its people are its greatest asset. At QbDVision, there will be opportunities for growth. We are looking for individuals that thrive in a startup atmosphere and want to take ownership of their role. We are rapidly building our core teams that will have a direct impact on our company’s growth.
About The Role:
You’ll be in charge of determining the best direction for QbDVision to improve our overall security posture. You’ll use a combination of white box and black box testing to determine the best way to both find vulnerabilities and make our product stronger. You’ll collaborate with the rest of our engineering team to design, develop, and implement new systems for preserving user security and privacy.
You’ll report directly to the CTO at QbDVision.
What You’ll Own
- Providing technical direction for constantly improving our security posture
- Identifying security weaknesses and opportunities for improvements
- Auditing code and PRs for security issues
- Researching in-the-wild exploits to assess if they are applicable to QbDVision
- Creating/running experiments aimed at testing product/process assumptions to identify gaps
- Come up with new architectures/patterns to improve security
What You Need To Succeed
- Proven 5 to 7 years of experience in the field of penetration testing/software security
- 3+ years of penetration testing experience
- Experience working for crowd-sourced companies such as Synack, BugCrowd, or HackerOne.
- Ability to scan code to find vulnerabilities
- Solid understanding of the security vulnerability landscape.
- Cloud delivery, security, and deployment models (i.e. IaaS, PaaS, SaaS) offerings provided by at least one major cloud vendor, ideally AWS. Moreover, proof of solid understanding of networking protocols, experience in incident response, security engineering, cloud architectures, fine-tuning, etc.
- Excellent verbal/written English skills to pitch your ideas
- A thorough understanding of various vulnerability types, including the OWASP Top 10
- Ability to find vulnerabilities using injection tools such as Burp Suite or ZAP
- Code versioning tools, such as Git
Good to have:
- Developing knowledge of a number of relevant security standards, applying zero trust modeling, and defense in-depth principles
- Awareness of processes and challenges in security management and governance
- Professional certifications in Security and Scrum Management (e.g. CISSP, CCSP, CISA, CISM, Scrum)
- Excellent knowledge of Security frameworks (e.g. CIS)
- Excellent knowledge of security standards (e.g NIS Directive, ISO 27001)
- Excellent knowledge of best practices for web application security (OWASP).
What You Will Love About Us!
- Culture of teaching and learning
- Competitive compensation package
- Family-Friendly PTO Policies – Unlimited vacation policy is reflective of our family-first culture and encourages a healthy work-life balance
- Stipends for equipment, office supplies, and personal development (conferences, skill training, etc.)
- Remote First – Flexible schedule with zero commute, zero dress code, and zero office distractions
For more information, please submit a bio and resume to email@example.com