Junior Software Engineer (Security team)
We are looking for a Junior Software engineer to our security team who is interested in ensuring that all the code and infrastructure serving millions of Prezi users are secure and the necessary security systems are in place to catch if something goes wrong.
Apply if you are excited about:
- Joining a team who believes security is a mindset and not only a team.
- Working on wide variety of problems (anything from finding and building up secure ways to handle service secrets to detecting exploited application security risks from the live web traffic).
- Working in a challenging, fast paced and always changing environment.
Challenges you will face with us:
- Learn from our mistakes and recognise new patterns from previous issues. Sometimes we will just improve our existing detection tools, but it happens that we have to build up something totally new.
- Reviewing alerts from the various automated tools we developed and taking care of any valid risk you found until it gets fixed.
- Helping the teams to find and use the safest solutions and sometimes taking active part in the mitigations themselves as well.
- Working with people of various kind (both internally and externally through our Bug Bounty Program), a huge infrastructure with Chef, AWS and programming/scripting languages like Python.
We prefer you having:
- Experience with the web technology stack (e.g. HTTP, cookies, asset loading, caching, REST).
- Understanding of networking technologies (you aren’t afraid of the TCP/IP stack, packet captures and others).
- Confident programming skills in an interpreted programming language (preferably Python, and/or Perl, Ruby, PHP).
- Passion for clean, maintainable code.
- Bachelor's degree in Computer Science or Software Engineering – equivalent work experience is acceptable.
- Ability & willingness to learn fast and pick up new things easily (e.g. to be able to work with the full stack).
- Strong critical thinking skills.
- Great communication skills in English.
We'll be really happy if you also have:
- Security related experience (e.g. application security, network security, penetration testing, code reviews, …)
- OSCP, OSCE or any other practical information security certifications
If you would like to learn more about what we do or the team itself, here are some links to our open source projects, blog posts and presentations:
- [tool] Reddalert to detect risky security changes in AWS - https://github.com/prezi/reddalert/
- [tool] Repoguard to check and alert on any change in git repositories which might be interesting - https://github.com/prezi/repoguard/
- [blog] How we defeated Heartbleed - https://medium.com/prezi-engineering/heartbleed-defeated-cf84046d905b
- [blog] Story of an awesome bugbounty submission - https://medium.com/prezi-engineering/prezi-got-pwned-a-tale-of-responsible-disclosure-ccdc71bb6dd1
- [presentation] Security alerts that are worth a phone call / Hacktivity 2014 - video: https://www.youtube.com/embed/wwAgTgDLLhA?autoplay=1 prezi: https://prezi.com/mdzriwr_-waa/security-alerts-that-are-worth-a-phone-call/
- [presentation] Scaling Security / Confidence 2014 - video: http://youtu.be/1fCURjTVih0 prezi: https://prezi.com/o44i9lrrqyka/scaling-security-confidence-2014-securityprezi/
Meet Some of Prezi's Employees
Inside Sales Associate
Brett loves that, through his role at Prezi, he is able to help businesses around the world stand out from the pack and tell their stories the way they want to.
Back to top