Cyber Security Specialist

About the role

We are looking for a Cyber Security Specialist with strong hands‑on experience in vulnerability discovery, secure code review and web security. The role involves protecting our applications and infrastructure by identifying and remediating security flaws.

Key responsibilities

• Perform vulnerability research, including CVE exposure, bug bounty programs, red‑team exercises and capture‑the‑flag challenges.
• Conduct secure code reviews and produce production‑grade patches for identified issues.
• Analyze and mitigate web‑security risks such as OAuth, JWT, SSRF, injection attacks and access‑control flaws.
• Investigate cryptographic weaknesses, timing attacks, padding oracles and misuse patterns.
• Identify filesystem vulnerabilities like TOCTOU, symlink attacks and path traversal.
• Utilise SAST, Fuzzing and IAST tools to automate detection.
• Write and maintain security tooling in at least two of the following languages: Go, Python, Node.js, Rust.
• Work with Docker containers, Linux internals and automated testing pipelines.
• Analyse obfuscated or minified code to uncover hidden threats.

Required profile

• Minimum 4 years of experience in cybersecurity, application security or vulnerability research.
• Strong problem‑solving skills and ability to work independently.
• Passion for staying up‑to‑date with the latest security trends and attack techniques.

Required skills

• Cybersecurity, Application Security, Vulnerability Research
• Vulnerability discovery (CVE, bug bounty, red teaming, CTF)
• Secure code review & patching
• Web security (OAuth, JWT, authentication, sessions, SSRF, injection, access control)
• Cryptographic vulnerabilities (timing attacks, padding oracles, misuse patterns)
• Filesystem vulnerabilities (TOCTOU, symlink attacks, path traversal)
• SAST, Fuzzing, IAST tools
• Programming languages: Go, Python, Node.js, Rust (at least two)
• Docker, Linux internals, automated testing
• Obfuscated/minified code analysis