Web Security Engineer
Remote job
About Trafilea
Trafilea is a dynamic and innovative Tech E-commerce Group that operates multiple direct-to-consumer brands in the intimate apparel and beauty sectors, with a focus on using data-driven strategies to scale their businesses. In addition to our products, we have our own online community dedicated to promoting body positivity. As a rapidly growing global player, Trafilea is committed to creating high-quality products and services that enhance the customer experience and drive long-term growth.
The mission of the Web Security Engineer is to ensure the security, integrity, and compliance of the organization’s web applications and infrastructure. This includes proactively identifying and mitigating vulnerabilities, implementing security best practices, and collaborating with cross-functional teams to embed security into every stage of the development lifecycle. The Web Security Engineer plays a pivotal role in safeguarding sensitive data and protecting against emerging threats.
Requirements
Must-Have Technical Skills
• Proficiency in identifying and mitigating OWASP Top 10 vulnerabilities.
• Strong knowledge of web application architecture, including client-server models, APIs, and microservices.
• Experience with security tools such as Burp Suite, OWASP ZAP, and automated vulnerability scanners.
• Hands-on experience integrating security tools into CI/CD pipelines.
• Knowledge of secure authentication mechanisms, such as OAuth, SSO, and multi-factor authentication.
• Familiarity with common encryption standards and protocols (e.g., TLS, HTTPS, AES).
Must-Have Soft Skills
• Excellent problem-solving and analytical abilities to identify root causes of security issues.
• Strong communication skills for educating developers and reporting findings to stakeholders.
• Ability to work collaboratively across teams while maintaining a proactive approach to improving security.
Should-Have Technical Skills
• Familiarity with cloud security, especially in AWS environments.
• Experience with scripting and automation using Python, Bash, or similar languages.
• Knowledge of compliance frameworks and how they apply to web applications (e.g., GDPR, SOC 2).