Info Sec Engineer

Company: WIRmachenDRUCKDo you enjoy working with the latest tech and rolling up your sleeves to help organizations achieve their goals in the cloud, on-premises and everywhere in between? If so, read on!

Cimpress is the world leader in mass customization. You’ve probably heard of our brands, Including WIRmachenDRUCK, Vista, Printdeal, Druck.at, National Pen, Pixartprinting Exaprint, Tradeprint, EasyFlyer, BuildaSign and others.

In this role, as part of WIRmachenDRUCK central security team, you will work with our development community to develop and implement secure coding practices. You will be shaping our security vision and have a tangible impact on a large and ever-increasing number of developers.

This is an excellent opportunity for individuals looking to significantly impact an exciting, highly creative, and ever-evolving culture. Join us and make your mark!

As a (Senior) Application Security Engineer, you will provide the architectural expertise to ensure robust and resilient software. You will also have a critical role in ensuring we are providing the proper training, development frameworks, enabling our developers the

freedom to experiment and take informed decisions when trying new things. We’re seeking someone passionate about software development and looking for opportunities to improve it.

At WIRmachenDRUCK, we value the experiences that individual team members add to our culture. Please don't hesitate to apply even if you don't meet the exact qualifications, we look forward to learning more about you!

• Excellent verbal and written communication skills for presenting solutions and sharing knowledge.
  
• 3 - 5 years of experience as a software engineer & developer with hands-on experience in penetration testing of enterprise level software products.
  
• Application Security & Penetration testing Experience
  
• + Perform penetration tests on web applications, network devices, cloud infrastructures, web-services (REST and Swagger).
  

+ Design and conduct simulated social engineering attacks

+ Research and experiment with different types of attacks

+ Develop & automate methodologies for penetration testing

+ Automate common testing techniques to improve efficiency

+ Write reports on penetration tests; help fix and verify vulnerabilities.

+ Analyze external vulnerability reports & pen-testing reports, security scans, and penetration tests, coordinate fixes.

+ Participate in security design discussions.

+ Stay updated on vulnerabilities, attack methods, and security trends.

+ Troubleshoot, debug, and upgrade existing gaps in security features of the applications.

+ Identify and fix security vulnerabilities in code.

• Security Practices and Implementation Experience
  
• + Analyze bug reports, security scans, and penetration tests & coordinate fixes.
  

+ Monitor, assess and respond to security incidents.

+ Conduct workshops and training on penetration testing for microservices, database & web app.

• Technical Skills and Knowledge
  
• + Experience with the AWS, LAMP stack (Linux, Apache, MySQL, PHP), Node.js (MERN stack/MEAN stack), Docker, Kubernetes, Bitbucket CI, etc.
  

+ Security testing tools such as Burp Suite, Nessus, SQLmap, Arachni, OWASP ZAP, MSF, Offensive Security distributions, Nmap, others.

+ Programming languages, especially for scripting (PHP, MySQL, BASH, Nodejs, HTML)

+ Certifications such as CEH, CISSP, OSCP, CPENT, others.

• Broad awareness of security engineering concepts and practices across all phases of the software development lifecycle
  
• Knowledge of all kinds of security related protocols and standards (TLS, OAUTH)
  
• Knowledge of risk and security frameworks and standards (ISO 27001, NIST CSF, FAIR)
  
• Familiarity with the tools for various security activities: SCA, SAST/DAST as well as best-practice documents like OWASP Top 20
  

Being at WIRmachenDRUCK means that you don’t see work as just a building, a desk or a manufacturing floor. You see it as a chance to take a step forward in your career journey – and your life. We strive to give you everything you need to learn, grow, and succeed.

Through innovation, collaboration, and perpetual exposure to what’s next, we’re always pushing boundaries and broadening our horizons. We embrace the chance to operate outside of our comfort zone to discover what we’re capable of. Some might call that a challenge; we just call it another great day at work.

In 2020, WIRmachenDRUCK adopted a Remote-First operating model and culture. We heard from our team members that having the freedom, autonomy and trust in each other to work from home and, the ability to operate when they are most productive, empowers them to be their best. WIRmachenDRUCK also provides collaboration spaces for team members to work physically together when it's safe to do so and when in-person collaboration will deliver the best results.

WIRmachenDRUCK, a Cimpress company, is an Equal Employment Opportunity Employer. All qualified candidates will receive consideration for employment without regard to race, color, sex, national or ethnic origin, nationality, age, religion, citizenship, disability, medical condition, sexual orientation, gender identity, gender presentation, legal or preferred name, marital status, pregnancy, family structure, veteran status or any other basis protected by human rights laws or regulations. This list is not exhaustive and, in fact, in many cases, we strive to do more than the law requires.

Penetration Testing

Vulnerability Testing

PCI DSS

AWS/Azure/GCP

SAST/DAST

OWASP

Founded in 1994, Cimpress (Computer Integrated Manufacturing Press) empowers individuals and businesses worldwide to make their mark through customized, high-quality products. With a $5 billion market cap and a presence in 24 countries, Cimpress is a market leader in mass customization—offering a wide range of personalized items, including print, signage, apparel, and packaging. Cimpress India (CI) supports Cimpress businesses by providing top-tier talent and operational solutions, advancing its mission to deliver value through personalization. Operating as a "talent container" model, CI simplifies hiring, payroll, HR, and logistics, allowing businesses to focus on their ambitious goals. Currently, Cimpress India hosts over 2,400 team members across 14 Cimpress brands, with key hubs in Ahmedabad, Bengaluru, and Mumbai. Our teams play a vital role in Cimpress’s commitment to mass customization and innovation, making custom products accessible and impactful.