Application Security Architect

Company Description

Wix makes it possible for anyone to succeed online. Since 2006, we’ve grown to 5,000 employees in 17 countries, launched over 40 products, and serve over 230 million users and their visitors worldwide. At Wix, we push you to innovate, evolve in non-traditional ways, and grow outside your comfort zone. We operate in small teams that work closely together to create incredible things. 

Although we’re already industry leaders in web creation and business, our work is nowhere near done. Our goal is to become the main engine of the Internet so we can create a more open web for all. 

Job Description

• Research, identify, evaluate and implement the best solutions for security in Wix’s production environment
• Research, identify, evaluate and implement the best solutions for the platform code and services used by our developers
• Work closely with development and system teams on all SDLC levels, performing security design reviews, threat modeling and penetration tests, while acting as a security mentor for developers
• Investigate abnormal activity in production
• Build creative tools and services to detect and solve cross-security issues

Qualifications

• An Application Security Architect with 5+ years of hands-on experience in offensive application security
• Passionate about cutting-edge technologies
• Have in-depth knowledge of web application vulnerabilities, their exploitation in the real world, and browser security mechanisms
• Have a great understanding of authentication and authorization protocols, and application security methodologies
• Excited by the idea of taking on lots of responsibility, you can work independently and be flexible
• Open-minded self-learner who can see the big picture, analyze complex systems, identify potential failure points and find opportunities for big security wins

You’ll get bonus points if:

• You’ve published security research
• You’ve participated in bug bounty programs
• You're familiar with Node/Java/Scala programming languages, or know your way around Docker containers and Kubernetes
• Knowing your way around AWS and GCP environments, or cloud and microservice architectures

Additional Information

Wix’s Application Security. We’re a group of highly motivated Security Engineers that form a part of the huge R&D group at Wix. Our job is to allow Wix developers and users to achieve their goals without risk, which often means we have to find or invent completely unique solutions.

Our work is extremely challenging due to the huge scale, agility, and high-end technical diversity of the company, and we play an essential role in every area of Wix: design, innovation, SDLC, architecture, infra, dedicated tool/solution development.

In terms of technology, we have the ultimate playground, and although we work closely together, there’s always space for independence, innovation and creativity for every team member.