Security Engineer

Insider, Istanbul, Turkey

The First Integrated Growth Management Platform

Duration: Full-Time

Have you met with Insider? If your answer is “No” this paragraph is for you: We are a fast-growing, fast-paced Technology Startup backed by Sequoia Capital which previously invested in brands such as WhatsApp, YouTube, Instagram & Airbnb. We are trusted by more than the world’s 1100+ leading brands such as Singapore Airlines, Virgin, Uniqlo, Nestle, Nissan, Samsung, Lenovo, Puma, Media Markt, IKEA, Allianz, Santander, Dominos, Avon, and CNN. We have also been listed amongst the 2017 Red Herring Europe Top 100 & were selected as the # 1 Start-Up for 4 consecutive years. Our CEO Hande Cilingir was listed as one of the top 5 Women CEOs located outside of the US, by Crunchbase. We help our partners to grow beyond the speed of customer expectations, drive growth across the funnel. We provide them an experience beyond their imagination, uplift their customer interaction from Acquisition to Activation, Retention, and Revenue with our cutting edge ML & AI technologies. We answer all their needs with our Growth Management Platform and stand by them at every step of the way. We move fast and agile, create beautiful cutting-edge products, and create an impact with our 600+  teammates in 25+ offices. 

Security is in the foundation of our customer’s trust in Insider. 

In this role, you will grow our software security program that facilitates security being baked into all of the products and infrastructure built at Insider. 

The responsibilities are a blend of security engineering and software engineering. 

If you’re a security engineer who wants to make the dream a reality, this is a great opportunity for you to have an impact across an entire engineering organization and support a world-class software security program.

A Security Engineer in Insider day in and day out:

  • performs web, mobile application, and internal penetration test, source code reviews, threat analysis, social-engineering assessments,
  • monitors security tools and take action in response,
  • researches new attack vectors and stay current with cybersecurity news and trends,
  • trains Quality Assurance and Development teams in standard security testing techniques.

We want you to join us while we are taking a step into the future if you:

  • have 3+ years of working experience in web application security,
  • have hands-on experience in security testing of Web applications, Web service, Mobile applications, APIs, etc.
  • have experience securing REST APIs and web services,
  • have experience using and implementing SAST / DAST tools such as Fortify, Veracode, Checkmarx, or other similar tools,
  • have familiarity with software library vulnerability scanning and tracking tools such as BlackDuck, Whitesource, and so on,
  • know conducting penetration tests of information systems using commercial and open-source exploitation tools,
  • have a good understanding of standard security vulnerabilities and common remediation as published by OWASP, SANS, etc.
  • have experience working with secure coding methodology and best practices and their implementation within engineering teams,
  • will support developers of our business units in their SDLC and provide guidance regarding mitigations to emerging threats,
  • will review application source code based on static application security testing tools,
  • will be engaging in security research to remain current on vulnerabilities and testing tools,
  • will be creating detailed, professional documentation/reports that clearly communicate vulnerabilities, mitigation strategies, and remediation steps,
  • have the ability to work on multiple projects concurrently and be committed to providing exemplary customer service,
  • have experience with obtaining access through spear-phishing,
  • have strong written and verbal communication skills in English,

These Qualifications Would Be Nice To Have:

  • Python, Javascript, PHP programming experience is a plus,
  • Knowledge in scripting (any language) and experience in automation scripts for application security testing,
  • Familiarity with cloud security, particularly AWS Security concepts,
  • CEH, eWAPTx, OSCP and other certifications desired but not required,
  • Ability to work in a team-centric environment,
  • Strong critical thinking and analytical skills,
  • Experience drafting technical manuals, installation manuals, procedure outlines, and incident response plans in order to enhance system security documentation,
  • Experience executing white, gray or black box security posture assessments and complete detailed reports that outline the findings and recommendations,
  • Strong presentation, written, and oral communication skills.

While exporting our technology to the world, we offer you:

  • “Tech Talks” with famous and groundbreaking people from the software world, “Dev Talks” where our Software Developers talk about their career steps, and many events where groundbreaking ideas are discussed,
  • Hackathons we organize inside that push the boundaries, programming challenges, and coding competitions,
  • Free access to exclusive services such as Laracast, Egghead, Udemy, Blinkist, Masterclass, Amazon Kindle, and Spotify
  • Shareowner System that we offer to all Insiders who meet certain criteria
  • Pension 
  • Inclusive Private Health Insurance
  • Multinet to cover food expenses covered on a monthly basis
  • Team Activities that are bursting with fun,
  • No Dress code! This is a fast and innovative startup, you can wear whatever you want.
We provide equal opportunity in a zero-discrimination workplace and not just welcome but also embrace everyone without regard to sex, race, color, nationality, religion, gender identity, sexual orientation, disability status, citizenship, or marital status.

About Insider

Insider Growth Management Platform (GMP) helps digital marketers drive growth across the funnel, from Acquisition to Activation, Retention, and Revenue. Leveraging real-time predictive segmentation powered by deep Artificial Intelligence and Machine Learning capabilities, GMP empowers marketers to deliver personalized journeys across web, mobile web, mobile apps, and ad channels. Built on a unified data layer, GMP is easy to implement and simple to use, avoiding the need for complex integrations and dependency on IT teams. Insider simplifies the life of digital marketers and helps them drive growth for their brands, with zero marketing waste. Insider is a technology company with offices in London, Singapore, Tokyo, Dubai, Moscow, Warsaw, Kuala Lumpur, Jakarta, Istanbul, Kiev, Sydney, Seoul, Ho Chi Minh City, Bangkok, Hong Kong and Taipei. Insider was listed as one of the 100 Hottest Startups by WIRED Magazine and won Red Herring Top 100 Europe in 2017. Crunchbase has recently ranked Insider’s co-founder and CEO Hande Cilingir as one of the top three women CEOs outside of the US. Helping world’s leading brands grow beyond the speed of customer expectations, Insider is trusted by over 300 businesses across various industries including UNIQLO, Singapore Airlines, Tokopedia, Virgin, New Balance, Nissan, Huawei, Samsung, Orange, Puma, Ticketmaster, Newsweek, Air Arabia, Media Markt, AVIS, Allianz, BBVA, Domino’s, McDonald’s, Avon and CNN.


Want to learn more about Insider? Visit Insider's website.