Application Security Engineer

CCBill is an online payment services provider used by more than 30,000 websites globally that supports the needs of both new and established businesses in the ecommerce and online space. Typical projects on the CCBill side include integration with new processors, improving reporting, and enhancement of systems that can handle high volume transactions with high availability over 3 satellites in Phoenix, Ashburn and the Netherlands. You will have the opportunity to work on both existing and new products and features.

Application Security Engineers at CCBILL have in-depth information security and information technology expertise, including industry knowledge and awareness of emerging technologies which impact cybersecurity. It requires a self-starting individual who is comfortable working across and partnering with a range of functions including Information, Development, Quality Assurance, Architecture with an emphasis on regulatory compliance to promote best practices throughout the enterprise. 

Location: Malta/Serbia/Remote (+/-3 hours CET) 

Working hours: 40h/week, Monday-Friday 

Key Job Requirements: 

• Conduct formal security testing on computer, network and application systems.
• Assess the security of application code, computer software and hardware.
• Conduct security audits and legal cyberattack simulations by designing and utilizing penetration testing tools to access designated pieces of data during a predetermined time frame.
• Develop, automate, and manage penetration testing tools and processes.
• Develop scripts, tools, or methodologies to enhance penetration testing processes.
• Detect system weaknesses, write formal vulnerability reports on findings, develop and recommend solutions for weaknesses found.
• Other duties as assigned.
• Reference: uTsUsXtXXpvIhIQz5iOpfe9QcLCRr-PexTtq0Q8Soys.

Key Skills and Qualifications: 

• This position requires at least a bachelor’s degree in cybersecurity, computer science, information technology, or equivalent work experience.
• Minimum of one valid certification required: CEH, CPENT, GCPN, PenTest+, GPEN, GWAPT
• At least two years of experience in three of the following:Network penetration testing and manipulation of network infrastructure.
• Web application penetration testing.
• Shell scripting or automation of simple tasks using Perl, Python or Ruby.
• Developing, extending, or modifying exploits, shell code, or exploit tools.
• Developing applications in Java, Python, Ruby, etc.
• Source code review for control flow and security flaws.
• Strong knowledge of tools use for web application and network security testing.
• Thorough understanding of network protocols, data on the wire, and covert channels.
• Solid understanding of Linux and Windows operating systems, including bash and PowerShell.

This is an exciting opportunity to work with a highly innovative and creative team, in a great working environment using the latest technologies, methodologies, and frameworks. A competitive salary and benefits package will be offered to the right candidate.