If you are a Techstars portfolio companyclaim your profile.

Application Security Engineer

Korapay Technologies

Korapay Technologies

Lagos, Nigeria
Posted on Wednesday, April 3, 2024

About Kora

Kora is the marketplace for everything payments. We offer a robust payment API for payment collections, disbursements and conversions for businesses anywhere in Africa.

Our vision, which is at the core of what we do every day, is to create a world void of digital financial barriers. We are committed to delivering reliable, secure, and easy-to-use digital financial solutions to every single customer with a guarantee that it is improving their lives. To achieve this mission, we need people like you.

We strongly believe in our ability to find Water in the Desert and pick the Sands in the Ocean.

We value positive energy, and clear communication and are committed to building an inclusive environment for people from every background.

About The Role

As an Application Security Engineer at Kora, you will work with the Application Security team to define and execute the security strategy of our products

You will ensure that security is embedded in how we build our products from design and development to testing to how we run them and partner with Product and Engineering teams to strategically guard against existing or emerging threats.

This position is responsible for cultivating a culture of security awareness across the Engineering & Product teams.

The ideal candidate has deep technical security knowledge and expertise and will help define and implement robust security architecture strategies, frameworks, and governance processes.

In this role, you will be designated to one of Kora's strategic business units.

Here are a couple of things you'll be doing:

  • Upholding code reviews across all code platforms.
  • Take charge of bug intake and remediation processes for the organization.
  • Provide leadership for application vulnerability scanning and penetration testing remediation.
  • Manage integration with vulnerability check tools such as Static Code Analysis and Dynamic Code Analysis tools.
  • Discover Security exposures and mitigation plans, and report and fix the technical glitches.
  • Administering and carrying out configuration optimization on Web Application Firewalls.
  • Actively participate in security initiatives with minimum supervision.
  • Be the subject matter expert for application security solutions.
  • Provide guidance for junior-level security engineers.
  • Work closely with cross-functional teams (Engineering, DevOps, and Product) while carrying out daily tasks.
  • Responds to computer security incidents according, leverages subject matter expertise where established processes do not exist.
  • Acts as a subject matter expert regarding CSIRT incident response processes.
  • Identify and manage potential and actual operational issues within the incident detection/response domain and take corrective action.
  • Contribute to requirement gathering with the product team in the area of application security.
  • Work together with cross-business units on executing standardized security solutions and integrations.
  • Assist in the development of automated security testing to validate that secure coding best practices are being used.
  • Conduct regular security assessments and report on findings.
  • Work as a red team member, driving an offensive security approach to improving the security posture of the organization.
  • Other duties as assigned by the CISO.