Junior Security Engineer (Application / Threat Modeling) in Niks

NIX is looking for a Junior Security Engineer who is looking to grow in the areas of Application Security and Threat Modeling. This role is ideal for someone who has a basic knowledge of cyber security and wants to work with real systems under the guidance of experienced engineers.

Hands-on experience is not critical! Fundamental knowledge and security mindset are much more important.

Your duties:

• Participation in threat modeling sessions together with Senior engineers.
• Help in creating data flow diagrams, threat lists, basic mitigation strategies.
• Support application security reviews
• Help in identification and documenting security risks.
• Study and application of security best practices.
• Gradual involvement in basic pentesting / security testing.

You will be a successful candidate if you have:

• Deep understanding of the CIA triad and the differences between authentication and authorization.
• General knowledge of OWASP Top 10.
• Basic understanding of secure design.
• Understanding the principles of web applications: cookies and sessions, basic authentication scenarios, REST API basics.
• Theoretical understanding of what threat modeling is, why it is important and what a typical process looks like.

Will be a plus:

• Familiarity with the STRIDE methodology or similar approaches.
• Professional security courses or pet projects.
• Independent study of AppSec or Threat Modeling.
• Initial experience with security tools.
• Technical background (software development, QA or DevOps).