\nAs a Principal Application Security Engineer at Vimeo, you will engage in a variety of activities, either offensive, defensive, or some combination thereof, ultimately aimed at safeguarding our users who entrust Vimeo with their content every day.\n\nYouโll plan, carry out, and lead security initiatives to monitor and protect sensitive data and systems from infiltration and cyber-attacks.\n\nYou will likely collaborate frequently with and support developers, as well as members of the infrastructure security team, the compliance team, IT, Product, and other teams throughout the organization.\n\nYou love to solve puzzles, and are a great team player.\n\nThis role is remote. The role requires three hours of overlap with the US Eastern time zone (i.e., New York City) daily.\n\nWhat youโll do:\n\nDepending on your preferences and the current needs of the team, you may either focus on just one or two of the following areas, or you may choose to become involved with many of them.\n\n\n* Security architecture โ create a technical plan for partitioning and consolidating our cookies; draft up a sequence diagram for a new middleware to prevent IDOR attacks; implement a POC for leveraging CAPTCHA challenges in cross-origin embedded iframes; draft some code to modify the expiration behavior of our JWTs then pair with our API team to get feedback\n\n* Penetration testing โ either hunt for security issues on our production or staged applications during an open-box internal pen test, or help coordinate an engagement with an external firm\n\n* Writing code for internal automated security tools โ write some code, usually in Python, Bash, or Go, to support any of our team's various initiatives. Often we strive to facilitate a culture of โpaved roadsโ for our developers, such that it is easy for any developer to incorporate security into their designs and implementations\n\n* Threat modeling โ consider how malicious attackers may compromise our systems, and advise developers and product managers on what defenses are needed\n\n* Code reviews โ discover weakness in our source code before it reaches production\n\n* Bug bounty program โ help triage new incoming reports on a daily basis, plus launch creative initiatives to increase researcher engagement on our programs\n\n* Web Application Firewall and Rate Limiting โ expand coverage and tune new rules while coordinating with developers, support team members, and the site reliability team\n\n* Remediation โ enable and encourage developers to correctly fix recently discovered security issues in a timely manner, ultimately reducing our Mean Time To Remediate\n\n* Secure Software Development Lifecycle โ configure automated tooling (eg. static and dynamic code analysis,, IAST) in our SDLC to detect security issues in our source code before it reaches production\n\n* Developer Education, Security Culture โ create fun ways to spread technical security awareness throughout the engineering department\n\n* Incident response โ lead or assist in running the various phases of an incident response, including initial detection, triage, containment, recovery, root cause analysis, retrospective, etc.\n\n* Collaboration with the infrastructure security team โ pair with members of the infrastructure security team on various projects to secure our cloud instances and employee workstations\n\n* Collaboration with the compliance and privacy team โ help ensure that our company complies with industry best practices and standards\n\n* Process improvements โ help strengthen our own internal processes and procedures\n\n* A typical day will look like:\n\n\n\n* Engage with one or more product development teams and guide them through a threat model and data flow analysis.\n\n* Review the code for major new functionality to ensure security best practices are followed. \n\n* Review new tickets in our bug bounty program (http://hackerone.com/vimeo) and use your system design and threat modeling knowledge to reproduce, define risk and mitigating controls and propose a fix., \n\n* A call or two with Development, Product Management teams to discuss security-related issues\n\n* Pen test a new feature in a staging environment with Burp Pro\n\n* Assist the compliance team on a privacy-related project\n\n* Provide technical advice in response to occasional questions from developers and other members of the security team\n\n\n\n\n\n\nSkills and knowledge you should possess:\n\n\n* Required: 5+ years of prior experience in either software development, devops, or site reliability engineering with hands-on coding experience.\n\n* Preferred: prior experience in Application Security\n\n* 7+ total years of relevant experience in Engineering, Application Security, or a similar technical field.\n\n* Strong knowledge of modern web, mobile, and network security\n\n* Strong programming skills with at least one of the following languages, and the ability to read all of them: Python, Go, PHP, Javascript, and Ruby\n\n* Expertise with application pen testing, using tools like Burp or Zap\n\n* Confident working in and across cloud environments like AWS and GCP. Detailed knowledge of at least one cloud environment.\n\n* Confident with shell scripting\n\n* Confident with common SDLC components, like git, Jira, Jenkins, etc\n\n* Confident ability to communicate technical security concepts to developers\n\n* At least an upper-intermediate level of English\n\n\n\n\nBonus points:\n\n\n* Link to a Github repo with security tools/scripts youโve developed or help maintain\n\n* Full-stack web development experience creating RESTful applications (in any language) is a big plus\n\n* Open source vulnerability research or blog posts is a big plusS\n\n* Experience with system security hardening guidelines and SDLC principles\n\n\n \n\n#Salary and compensation\n
No salary data published by company so we estimated salary based on similar jobs related to Design, Cloud, API and Engineer jobs that are similar:\n\n
$62,500 — $105,000/year\n
\n\n#Benefits\n
๐ฐ 401(k)\n\n๐ Distributed team\n\nโฐ Async\n\n๐ค Vision insurance\n\n๐ฆท Dental insurance\n\n๐ Medical insurance\n\n๐ Unlimited vacation\n\n๐ Paid time off\n\n๐ 4 day workweek\n\n๐ฐ 401k matching\n\n๐ Company retreats\n\n๐ฌ Coworking budget\n\n๐ Learning budget\n\n๐ช Free gym membership\n\n๐ง Mental wellness budget\n\n๐ฅ Home office budget\n\n๐ฅง Pay in crypto\n\n๐ฅธ Pseudonymous\n\n๐ฐ Profit sharing\n\n๐ฐ Equity compensation\n\nโฌ๏ธ No whiteboard interview\n\n๐ No monitoring system\n\n๐ซ No politics at work\n\n๐ We hire old (and young)\n\n
\n\n#Location\nTel Aviv, Tel Aviv District, Israel
๐ Please reference you found the job on Remote OK, this helps us get more companies to post here, thanks!
When applying for jobs, you should NEVER have to pay to apply. You should also NEVER have to pay to buy equipment which they then pay you back for later. Also never pay for trainings you have to do. Those are scams! NEVER PAY FOR ANYTHING! Posts that link to pages with "how to work online" are also scams. Don't use them or pay for them. Also always verify you're actually talking to the company in the job post and not an imposter. A good idea is to check the domain name for the site/email and see if it's the actual company's main domain name. Scams in remote work are rampant, be careful! Read more to avoid scams. When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.
Ceridian is a global leader in Human Capital Management technology. Simply put, we allow our customers to do the most complex things well (HR, Payroll, Benefits Administration, Workforce Management and Talent Management) and do them to scale.
Makes Work Life Betterโข is our brand promise, not only to our customers, but to our employees as well. Our flagship platform, Dayforce, helps leaders make smart decisions based on data, strategy and intelligence that create value and maximize productivity.
How do we make work life better?
By delivering an award-winning product, conceptualized and developed by award-winning leaders, that result in award-winning customer employee experiences
By hiring highly innovative, diverse talent that fully embraces and embodies our core values in everything they do: Customer Focus, Equity, Shared Ambition, Agility, Transparency, Optimism
By using modern technology, such as voice-activation with Dayforce Assistant and access to your money as soon as you earn it with Dayforce Wallet to stay in rhythm with the evolving demands of our 4 million global users
We understand that no matter where you are, choosing a new employer is always one of lifeโs most stressful events. We encourage you to check us out at Ceridian.com to learn more about how we are impacting the world of work for our customers, employees and you!
Location: Work is what you do, not where you go. For this role, we are open to remote work and can hire anywhere in Australia
About The Opportunity
The Principal Service Consultant guides the overall design and delivery of the Ceridian HCM solution to meet customer requirements and provides oversight and direction to project team members in the execution of project activities in all stages of the implementation lifecycle (planning, discovery, design, configuration, testing, deployment, post go-live support). The Principal Service Consultant works closely with the Project Manager to plan the project and identify critical dependencies. Project responsibilities include; facilitation of customer requirements gathering, design of the Ceridian solution to meet documented customer requirements, setting and managing customer expectations, providing guidance and design/configuration oversight to other project resources, identifying risks and communicating issues to the Project Manager.
What Youโll Get To Do
Provide Implementation Services to customers:
Support the project team in the validation of customer's business requirements and mapping to Ceridian functionality
Design and document innovative solutions to solve customersโ business needs
Guide the configuration of the Ceridian application to meet customerโs business requirements
Act as subject matter expert (SME) on strategic implementations
Lead internal project meetings and provide status on progress of activities and deliverables
Contribute to Internal Implementation Initiatives:
Design and document solutions and contribute to a solutions repository
Document best practices and share with the Practice
Lead the subject matter expert (SME) program in at least one area of expertise (Payroll, Benefits, WFM)
Regularly participate in internal process improvement initiatives
Focus on Continuing Education:
Contribute to internal knowledge share; review questions and provide feedback on a continuous basis
Participate in Continuing Education sessions, lead Implementation best practice sessions
Complete new release training on a timely basis; be fully versed on new and/or enhanced functionality in each product release
Mentor consultants on best practice implementation of new product features and functionality, including new customer end to end implementations
Support the sales cycle through solution review and feedback and assistance with scoping and estimation
Participate in prospect discussions regarding solution overview and implementation considerations
Whatโs In It For You
Encouragement to be the best version of yourself at and away from work:
YOUnity diversity and inclusion programs
Amazing time away from work programs
Support for your total well-being through our Live Well, Work Well programs targeting all aspects of your life
Recognition for your contributions through excellent pay, perks, and rewards
Giving where youโre living: volunteer days, Ceridian sponsored events, and our very own charity, Ceridian Cares
Opportunities to fuel your career growth through numerous internal and external programs and events
Skills And Experience We Value
Bachelorโs degree or equivalent experience
Masterโs degree or post graduate coursework an asset
10+ years of experience in human capital management applications consulting
5+ years in Consultant role with Ceridian HCM
Solid experience in business process mapping
Experience in change management an asset
Technical Skills Requirements:
Proficient in Microsoft Office products
Internal expert with software in a SaaS / Cloud computing environment including experience with HRIS
Solid understanding of relational databases and SQL and asset
Experience with one or more of the following applications in addition to Ceridian HCM: SalesForce.com, SAP, PeopleSoft, JD Edwards, Kronos, Workbrain/Infor, RedPrairie/JDA, Ultimate, Oracle HR/Payroll, PeopleSoft, iChris or Preceda
Ability to effectively implement all Ceridian HCM modules
Expert knowledge of common human capital management (HCM) business practices
Deep understanding of different industries and how Ceridian implement best practices apply to the customerโs business practices
Deep Ceridian product knowledge in at least two Ceridian HCM modules (Payroll, WSS, T&A, Leave etc.), as demonstrated through multiple implementations
Functional Skills Requirements
Excellent customer relationship and business acumen
Demonstrates full competence in business function
Ability to engage with multiple projects & customers at the same time and manage competing priorities
Excellent organization, communication and collaboration skills
Ability to lead and facilitate customer and internal workshops and sessions
Ability to mentor junior consultants and guide solution configuration through peer reviews and other QA activities
Acts as role model for Consulting@Ceridian guidelines
Ability to provide implementation scoping and solution guidance in the sales cycle
Interpersonal Skills
Excellent written and verbal communication skills
Excellent presentation skills; able to adjust content and presentation style to different audiences
Ability to establish credibility and rapport with internal and external stakeholders at all levels of organisation
Ability to work within project teams and collaborate cross-departmentally
Ability to communicate effectively with functional and technical resources, Product Management and
Development
Creates formal networks involving coordination across groups
Ability to influence customers to modify current business practices, as required
Ceridian is fueled by the diversity of our talented employees. We are an equal opportunity employer and consider and embrace ALL individuals and what makes them unique. We believe our employees should be happy and healthy, with peace of mind and a sense of fulfillment. We provide our employees with comprehensive benefits for various life circumstances and needs, great opportunities for career development, and a balanced lifestyle to achieve personal and professional success. We encourage all individuals to apply for positions that fit their passions.
We thank all applicants in advance for their interest in this position; however, only those selected for an interview will be contacted. If you are selected for an interview, you will be contacted by a Ceridian Recruiter with a @ceridian.com email directly from our organization.
Apply Now
Salary and compensation
No salary data published by company so we estimated salary based on similar jobs related to Developer, Design, SaaS, Software, Web, JavaScript, CSS, HTML, Git, Microsoft, Senior, Backend, Digital Nomad, Growth, Sales, Docker, Mobile, Ecommerce, Shopify, Testing, Travel, Junior, Android, Education, Ads, Marketing, VFX, Linux, Ruby, Engineer, Salesforce, Test, Cloud, API, Consultant and Consulting jobs that are similar:
๐ Please reference you found the job on Remote OK, this helps us get more companies to post here, thanks!
When applying for jobs, you should NEVER have to pay to apply. You should also NEVER have to pay to buy equipment which they then pay you back for later. Also never pay for trainings you have to do. Those are scams! NEVER PAY FOR ANYTHING! Posts that link to pages with "how to work online" are also scams. Don't use them or pay for them. Also always verify you're actually talking to the company in the job post and not an imposter. A good idea is to check the domain name for the site/email and see if it's the actual company's main domain name. Scams in remote work are rampant, be careful! Read more to avoid scams. When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.
Our name comes from a combination of two words: Talent and Simplicity. Originally starting our operations in Melbourne in 2018, Talentplicity Consulting now has offices in Melbourne and Sydney, catering to its clients across Australia, in every state and territory.
Talentplicity Consulting (TPC) is a very fast-growing startup IT Consulting firm. TPC is a strategic staffing and consulting augmentation partner to several large to medium-sized companies in Australia. While our head offices are based in Sydney, we also have our second offices in Melbourne.
You need to have;
7+ years of experience working as a Business Analyst.
Due to government regulations, you must be an Australian Citizen to be considered for this opportunity.
Ideally, having a current Baseline or NV1 clearance is highly regarded
Previous work experience in telecommunications or with larger corporations is greatly regarded.
Previous experience with cyber security or network security-related projects is required.
End-to-end process improvement experience for existing processes
Experience with setting up new strategies according to the changing scopes and business needs
Impeccable written and verbal communication skills are critical
Extensive experience with process mapping and modeling.
Excellent Stakeholder Management skills with the ability to work with senior business representatives.
How to apply:
If you think you have what it takes to secure this opportunity, please apply NOW! For further information about this opportunity, please email [email protected] or call us at 0 0447-719-846.
For more jobs like this, please visit our website at www.talentplicity.com.au or on LinkedIn by visiting https://linkedin.com/company/talentplicity
๐ Please reference you found the job on Remote OK, this helps us get more companies to post here, thanks!
When applying for jobs, you should NEVER have to pay to apply. You should also NEVER have to pay to buy equipment which they then pay you back for later. Also never pay for trainings you have to do. Those are scams! NEVER PAY FOR ANYTHING! Posts that link to pages with "how to work online" are also scams. Don't use them or pay for them. Also always verify you're actually talking to the company in the job post and not an imposter. A good idea is to check the domain name for the site/email and see if it's the actual company's main domain name. Scams in remote work are rampant, be careful! Read more to avoid scams. When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.
The client is a global software product company looking to expand the team by bringing on multiple Automation Test Specialists to expand the team. Client head office is based in Sydney CBD but offer fully remote working anywhere in Australia.
About The Position
You will be responsible for increasing product quality of the complex platform by identifying areas as well as different methods to expand test coverage and improve the overall software quality of platform for the multiple stakeholders and users.
You will be involved in varying and interesting work, including evaluating and championing quality throughout the product development cycle by unifying team test methods, asking the obvious and not-so-obvious questions and challenging assumptions. You will collaborate with our Product, Development and Infrastructure team to ensure they release the highest quality product possible.
Skills & Experience
Experience maintaining and extending both API and UI automation framework across multiple projects.
Developing and executing automated test scripts in an Agile environment.
Actively participate in code review and maintaining test automation repository.
Design, build, edit and update automated test scripts with minimal supervision.
Perform testing (both manual and automated).
Overseeing or doing manual test execution in instances where tests canโt be automated.
Analysing business requirement and increase the overall testing coverage.
Partner closely with dev team to ensure user stories are tested and ready to be released.
How To Apply
If you are interested in hearing more about this position, do not hesitate to contact me or send an updated resume to [email protected].
๐ Please reference you found the job on Remote OK, this helps us get more companies to post here, thanks!
When applying for jobs, you should NEVER have to pay to apply. You should also NEVER have to pay to buy equipment which they then pay you back for later. Also never pay for trainings you have to do. Those are scams! NEVER PAY FOR ANYTHING! Posts that link to pages with "how to work online" are also scams. Don't use them or pay for them. Also always verify you're actually talking to the company in the job post and not an imposter. A good idea is to check the domain name for the site/email and see if it's the actual company's main domain name. Scams in remote work are rampant, be careful! Read more to avoid scams. When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.
The client is a global software product company looking to expand the team by bringing on multiple Automation Test Specialists to expand the team. Client head office is based in Sydney CBD but offer fully remote working anywhere in Australia.
About The Position
You will be responsible for increasing product quality of the complex platform by identifying areas as well as different methods to expand test coverage and improve the overall software quality of platform for the multiple stakeholders and users.
You will be involved in varying and interesting work, including evaluating and championing quality throughout the product development cycle by unifying team test methods, asking the obvious and not-so-obvious questions and challenging assumptions. You will collaborate with our Product, Development and Infrastructure team to ensure they release the highest quality product possible.
Skills & Experience
Experience maintaining and extending both API and UI automation framework across multiple projects.
Developing and executing automated test scripts in an Agile environment.
Actively participate in code review and maintaining test automation repository.
Design, build, edit and update automated test scripts with minimal supervision.
Perform testing (both manual and automated).
Overseeing or doing manual test execution in instances where tests canโt be automated.
Analysing business requirement and increase the overall testing coverage.
Partner closely with dev team to ensure user stories are tested and ready to be released.
How To Apply
If you are interested in hearing more about this position, do not hesitate to contact me or send an updated resume to [email protected].
๐ Please reference you found the job on Remote OK, this helps us get more companies to post here, thanks!
When applying for jobs, you should NEVER have to pay to apply. You should also NEVER have to pay to buy equipment which they then pay you back for later. Also never pay for trainings you have to do. Those are scams! NEVER PAY FOR ANYTHING! Posts that link to pages with "how to work online" are also scams. Don't use them or pay for them. Also always verify you're actually talking to the company in the job post and not an imposter. A good idea is to check the domain name for the site/email and see if it's the actual company's main domain name. Scams in remote work are rampant, be careful! Read more to avoid scams. When clicking on the button to apply above, you will leave Remote OK and go to the job application page for that company outside this site. Remote OK accepts no liability or responsibility as a consequence of any reliance upon information on there (external sites) or here.
Frontpage
๐ Remote jobs
๐ Dark mode
๐ฉโ๐ป Hire remote workers
๐จ Post a remote job
๐ฑ Compact mode
โ๏ธ Remote work blog new
Health insurance for teams
Hacker News mode
Safe for work mode
