Security Engineer - Full Time

Plesk is one of the most widely used control panels and software platforms for simplifying the lives of developers and Web Professionals.

The Plesk software platform operates on more than 380,000 servers globally, supporting the operations of more than 11 million websites and 19 million email boxes for customers in 230 countries with 50% of the world’s top 100 hosting service providers partnering with Plesk today.

Our team is focused on the analysis of products and services from a security perspective. We are conducting threat modelling meetings with development teams, performing reviews of source code, discussing security aspects of product features. This means, we are not producing changes in the code itself, but aimed at finding vulnerabilities, performing risk assessment and providing all this information to development teams. Currently, we are working on an introduction of DevSecOps practices in the development workflow. We are working with private bug bounty programs and external auditors.

YOUR FUTURE TASKS

Processing security alerts and investigation of incidents
Organizing Security Development Lifecycle process for the product and the services
Code research and review in order to find vulnerabilities
Carrying out procedures for ensuring security of the infrastructure servers
Preparing educational materials for developers

REQUIREMENTS

Necessary:

Good system knowledge of Linux and security aspects of the system.
Understanding what vulnerabilities are, how they occur, and how to prevent them.
Understanding TCP/IP and work principles of DNS, FTP, SMTP, HTTP, HTTPS
Understanding TLS, cryptography
Ability to read and write in English

Preferably:

Experience working in a similar position
Experience in DevSecOps tools and practices
Experience in development in any programming language and ability to understand somebody else’s code (PHP, Go, Javascript, Python, Bash)
Experience in working with cloud systems (AWS, Google Cloud)
Experience in Docker, Kubernetes

HOW WE WORK

Every week one team member is working on all external requests and alerts, while other team members are focused on our “strategic” tasks. Then we are switching.
Once every 2 weeks, we have a security guild where we share knowledge with developers, discuss any security related issues, and grow Security Champions inside dev teams.

Have we caught your interest?

Please send us your complete application including your CV, motivation, references, possible starting date and salary expectation via our online form below:

For us to be able to collect and process your personal data, please read and accept our Job Applicant Data Policy. You can also read about our recruiting process and how we stay GDPR compliant. Get more information on our Privacy Policy here.

We need your skills and expertise

Plesk is the leading WebOps platform and hosting control panel that supports operations for over 11 million websites, 19 million mailboxes and 400,000 servers. Our customers are developers, designers, agencies, IT administrators and hosters.

Our Mission

We strive to provide a more secure and efficient platform to help web professionals and hosting companies automate and manage their projects and infrastructure, allowing them to focus on growth.

Security Engineer - Full Time