Porto, Porto, Portugal
Based on Experience
Probely, a Portuguese cybersecurity startup, is looking for a Web Security Scanning Analyst to join our team and help us improve the success of our customers' experience and their journey to achieving the security of their applications.
At its core, Probely is a service that finds vulnerabilities in Web Applications and APIs and provides guidance on fixing them, in a developer-friendly approach. It has an intuitive web interface, and it follows an API-first development approach, providing all features through an API. This allows Probely to be integrated into Continuous Integration pipelines to automate security testing, and to integrate with virtually anything!
We have clients across the globe, from Australia to the US, and in 2018, WIRED considered us one of the 100 hottest Startups in Europe! This is an excellent opportunity if you're looking to work with a highly experienced, fast-paced, and motivated team. It also gives you the chance to help the company grow, and you with it.
Our team is cohesive and informal. Each person has the autonomy to try different stuff. We make mistakes, we learn from them, and we try harder.
Probely is a remote-first company, meaning equal terms when working from home or from the office. This means that if we have a meeting and part of the team is in the office and at least one person is remote, everyone will join the meeting as if they all were remote. Despite being a remote-first company, we will prioritize applications from candidates that reside in the Porto District, in Portugal.
A typical customer journey involves the customer adding targets (web applications or APIs) to test, run scans, work on the results to achieve the risk level that the business is willing to accept, fixing vulnerabilities, and re-testing them.
You will have a direct impact on the business and be responsible for helping the customer achieving success in all of the above. This involves checking if the coverage of scans was good, if targets were properly configured (such as login configuration), if integrations are working, the results of a scan, vulnerability curation, etc.
You should be quite familiar with HTTP; browser's Inspect mode; DOM; HTML and a bit of JS. Knowledge about information security is not a requirement, but being interested in the subject will make your stay here much more fun.
The ideal candidate would have a strong interest in technology (previous technical professional or academic experience is required).
What we offer: