Application Security Specialist
Beat / Amsterdam (NL)Apply on site
We are looking for a technical Application Security Specialist, reporting to our Head of Information Security, to:
* Lead Beat's Application Security function, ensuring high levels of engagement, alignment to goals and effective balance for security and process efficiency
* Plan and design Application Security initiatives focusing on priorities and roadmap activities
* Drive continuous improvement in the secure software development lifecycle to achieve a DevSecOps approach
* Support Beat's engineering teams with analysis of vulnerabilities to identify systemic weaknesses and drive continual improvements in products, systems and behaviours
* Create and deliver a series of workshops to provide developers with technical application security training using OWASP Top 10 or similar
* Support security and regulatory compliance as part of our Information Security Management System, aligned to ISO27001 Outcomes: Define strong SDLC and Penetration testing frameworks to enable Beat to push secure code to production
* Train Beat engineers on how to code securely, changing the culture and maturing the security of code development, * Flexible working hours, top-line tools [Jira / Notion / Slack / GSuite / Zendesk / Miro / Figma / Redash and big data in the cloud]
* Working in a hyper-growth environment
* Healthy lunch and snacks at the office
* 100 euros a month to health insurance [Amsterdam]
* BEAT Wallet [in our live markets]
* Learning & development budget
* Regular Enrichment Day to focus on your learning & development
* A great opportunity to grow and work with the most amazing people in the industry
* Being part of an environment that offers challenging goals, autonomy and mentoring, which creates incredible opportunities, both for you and the company
One city at a time, all across the globe, Beat makes transportation affordable, convenient, and safe for everyone. We also help hundreds of thousands of people earn extra income as drivers.
Today we are the fastest-growing ride-hailing service in Latin America. We own LatAm's largest sustainable taxi fleet and are proud to employ those drivers. But serving millions of rides every day pales in comparison to what lies ahead. Our plans for expansion are limitless. We care deeply about providing affordable, safe and fast transportation to people in urban areas, as well as creating additional income opportunities for millions of drivers in developing countries.
Building a ride-sharing app allows us to focus on solving real-world problems, and see the immediate impact of these on our customers. Elements like peak-traffic hours, sudden construction work on the subway, holidays, weather changes, or local events all affect our ability to deliver rides to customers' satisfaction.
The recipe for success is having an excellent blend of dynamic pricing, swift dispatching, seamless payments, reliable identity and safety and many more other experiences working together. Beat has loads of data: think about millions of users, millions of rides per month, 5 markets (and counting) …and geospatial data from our users every few seconds. We are passionate about every corner of Beat being data-driven.
Beat is currently available in Greece, Peru, Chile, Colombia, Mexico and Argentina.
* Accountability for application security covering web, desktop and mobile applications
* Collaborating with developers to successfully train and encourage them to follow security best practices including on testing methodology
* Ability to express security issues in a technical way to developers
* Project management in engagements involving other team members including setting up the software development life-cycle holistically
* Working in an agile DevSecOps environment
* Working knowledge of coding languages and experience of dynamic / static testing tools
* Experience of working in a microservices environment.
Penetration Testing Experience:
* Familiarity with security tools used when ethical hacking and penetration testing
* Designing and defining penetration testing frameworks