Qubole, the leading cloud-agnostic, big data-as-a-service provider, is passionate about making data-driven insights easily accessible to anyone. Qubole delivers the industry’s first autonomous data platform. The cloud-based data platform, Qubole Data Service (QDS), removes the burden of maintaining infrastructure of multiple big data processing engines, and enables customers to focus on their data. Qubole customers process nearly an exabyte of data every month. Qubole investors include Charles River, Institutional Venture Partners, Lightspeed, Norwest, Harmony and Singtel Innov8.
About the Role
As an Security Application Developer you would be expected to be a passionate coder who wants to take their skillset to new heights by applying security methodologies, techniques and tools to code. As a Security Application Developer you would make significant contributions to security, engineering by improving effectiveness and ensuring that the code is free of dangerous security defects. The successful candidate would be expected to develop elegant solutions to potentially complex business and application programs and apply technology solutions while teaching others the value of secure code and following best practices.
Security Application Developers are expected to constantly seek opportunities for improvement not only to the code but to the entire stack, ensuring that code is not only secure but optimized. That security doesn’t reduce efficiency but improve it. You would be expected to have experience in at least two of the four of the following C++, Java, Ruby, Python and have experience working in UNIX/Linux environments hosted in the Cloud (AWS/Azure) and operating in/on containers.
- Highly Technical. You have Java/Ruby/Python experience and understand how things work and you write code
- You enjoy being creative and curious - approach problems from multiple angles and dig into new topics and apply insights to your projects.
- Experience with Amazon AWS/Microsoft Azure services as a IaaS/PaaS and optionally containers (Dockers/Kubernetes)
- Experience with static code analysis techniques, such as Fortify or CheckMarx, or open-source equivalents; threat analysis or modeling helpful
- Experience understanding security aspects of pentest assessment and mapping security findings into software engineering bugs fixes or enhancement requests
- Strong Understanding of security models surrounding encryption, authentication, authorization and access controls, and related open-source technologies
- Understanding of data security and access modeling for relational and non-relational data stores
- Bachelor's degree in Information Technology, Computer Science, or related field and 6 years experience in information technology or related field within the last 10 years OR 8 years experience in information technology or related field within the last 10 years.
Additional Preferred Qualifications
- OSCP, OSWP, OSCE, GPEN, GWAPT, GXPN certifications (current)
- Experience with bug bounty programs