Associate Security Engineer

India

CloudBees

Accelerate your software delivery with CloudBees, the #1 Jenkins enterprise CI/CD platform. CloudBees empowers teams to build, deploy, and innovate faster.

View all jobs at CloudBees

Apply now Apply later

Description

ABOUT CLOUDBEES


CloudBees provides the leading software delivery platform for enterprises, enabling them to continuously innovate, compete, and win in a world powered by the digital experience. Designed for the world's largest organizations with the most complex requirements, CloudBees enables software development organizations to deliver scalable, compliant, governed, and secure software from the code a developer writes to the people who use it. The platform connects with other best of breed tools, improves the developer experience, and enables organizations to bring digital innovation to life continuously, adapt quickly, and unlock business outcomes that create market leaders and disruptors.

CloudBees was founded in 2010 and is backed by Goldman Sachs, Morgan Stanley,Bridgepoint Credit, HSBC, Golub Capital, Delta-v Capital, Matrix Partners, and Lightspeed Venture Partners. Visit www.cloudbees.com and follow us on Twitter, LinkedIn, and Facebook.


Why this role


You will join the Jenkins Security team which has the mission to enhance the security of the open source project Jenkins, and the CloudBees product based on it (CloudBees CI).


What You’ll Do

  • Dig into the internals of Jenkins and its plugin system from the perspective of web application security.
  • Work on the lifecycle of vulnerabilities.
  • Improve our security tooling/process/automation.
  • Provide security education, increase awareness in the department and in the community.

What The Role Requires

  • Bachelor’s or Master’s degree in Computer Science or related field.
  • 1-3 years of professional experience in Java web application development (JavaScript is a plus) with Bachelor’s degree  or 0 year with a Master’s degree
  • Knowledge & passion for web application security (e.g., OWASP Top 10).
  • Hacker mindset.
    • Willingness to learn.
    • Desire to break things for the good.
    • Solving problems.
  • Knowledge on using CI/CD tools (Jenkins is a plus).
  • Experience in scripting is a plus (Groovy, Shell).
  • Familiar with Maven, Git, Docker.

Scam Notice

Please be aware that there are individuals and organizations that may attempt to scam job seekers by offering fraudulent employment opportunities in the name of CloudBees. These scams may involve fake job postings, unsolicited emails, or messages claiming to be from our recruiters or hiring managers. Please note that CloudBees will never ask for any personal account information, such as cell phone, credit card details or bank account numbers, during the recruitment process. Additionally, CloudBees will never send you a check for any equipment prior to employment.

All communication from our recruiters and hiring managers will come from official company email addresses (@cloudbees.com) or from Paylocity and will never ask for any payment, fee to be paid or purchases to be made by the job seeker. If you are contacted by anyone claiming to represent CloudBees and you are unsure of their authenticity, please do not provide any personal/financial information and contact us immediately at tahelp@cloudbees.com.

We take these matters very seriously and will work to ensure that any fraudulent activity is reported and dealt with appropriately. If you feel like you have been scammed in the US, please report it to the Federal Trade Commission at: https://reportfraud.ftc.gov/#/.

In Europe, please contact the European Anti-Fraud Office at:  https://anti-fraud.ec.europa.eu/olaf-and-you/report-fraud_en 

Signs of a Recruitment Scam

· Ensure there are no other domains before or after @cloudbees.com.  For example:  “name.dr.cloudbees.com”

· Check any documents for poor spelling and grammar – this is often a sign that fraudsters are at work.

· If they provide a generic email address such as @Yahoo or @Hotmail as a point of contact.

· You are asked for money, an “administration fee”, “security fee” or an “accreditation fee”.

- You are asked for cell phone account information. 

#LI-Remote

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  2  0  0

Tags: Application security Automation CI/CD Computer Science Docker Java JavaScript Jenkins Maven Open Source OWASP Scripting Vulnerabilities

Perks/benefits: Career development

Regions: Remote/Anywhere Asia/Pacific
Country: India

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.