About Joy Business Academy-
Joy Business Academy is a growing and ambitious studio leading lifelong learning. We use modern digital tools, game design techniques and innovative technologies to re-envision the delivery of innovative learning solutions. We are calling out for an experienced Senior Security Engineer to come work our diverse team of programmers, artists and game designers.
You’ll be coming to a team with a strong sense of ownership and pride over their work, that is deeply attuned to creating positive social impact for a wide range of learning communities.
Sounds intriguing? Read up on what we’re looking for, and let us know if you are the one.
Your responsibilities - (a.k.a what you can expect to do on a day-to-day basis)
Perform security risk assessments toward our Web/Game-client platform, and advise on appropriate mitigations
Reviewing project technical design & architecture, as well as from source code level
Vulnerability scanning and identification
Conducting configuration reviews on our Azure-hosted solutions
Working closely with DevOps, Dev and QA teams as well as our clients to deliver a safer product
Skills Profile -
(a.k.a requirements to be successful in the role)
Familiar with common security frameworks
Understands key security risks and controls
Great documentation and communication skills (written and verbal)
Experience in assessing security vulnerabilities; including security reviews/audits
In-Depth knowledge of OWASP / OSSTM best practice security testing processes
Ability to create, maintain and improve security-related development processes.
Experience with using public cloud services, we use Azure
Experience with CI/CD process and technologies (e.g. Jenkins or equivalent).
Knowledge of versioning systems like GitHub, Perforce, etc.
Major bonus points will be earn for:
Strong web/applications development or DevOps background
3 years+ in information and cybersecurity
Azure Security Engineer Certified / AWS Certified Security - Specialty
Other Certifications: OSCP, OSCE, CREST, GPEN, GWAPT, GXPN, GMOB, OWSE
Source code security analysis experiences
Penetration testing experiences
Participated in any bug bounties on the Hackerone or Bugcrowd platforms
Having a security blog that you regularly post on
Attended or presented at a security conference
What we offer -
Have an impact: with innovation and smart technology, we are changing the way people learn, and you too can have an impact on this disruptive adventure.
If this role sounds like your next opportunity, please send your resume, examples of your work, and an accompanying cover letter that includes:
Key relevant experience
Why you would like to work for JBA
We are an equal opportunity employer and value having members that represent our global diversity. We strongly encourage any individual regardless of race, religion, colour, nationality, gender, sexual orientation, age, marital status, or disability status to apply for this role.