About SmartNews

Shibuya, Tokyo

SmartNews is a news app with 20 million monthly active users in the U.S. and Japan. We are a machine-learning company deeply committed to helping users find quality news beyond the filter bubble.

Key benefits

  • Not too big, not too small
  • Highly collaborative environment
  • International team

About the position

Responsibilities

  • Support “shift left” security by implementing third parties and building scripts to support modern security best practices into self-service tooling
  • Work with engineering stakeholders to securely design products and fix security issues
  • Create workflows and processes for the intake, triage, and resolution of security issues
  • Execute proactive threat modeling and implement measures to strengthen the preventative controls of cloud infrastructure
  • Work with both internal and external stakeholders to fix known vulnerabilities
  • Coordinate our response procedures during active product security incidents
  • Empower engineers by conducting regular developer security training
  • Bring enthusiasm for working at a fast-paced startup

Requirements

  • Solid understanding of the most common web application security risks as listed by the CWE Top 25 and OWASP Top 10
  • DevSecOps and pipeline security implementation experience (SAST/SCA/DAST/etc.)
  • Microservice architecture experience, including K8 and Docker
  • Application security hands-on experience (pentesting, bug bounties, etc)
  • Ability to perform root cause analysis on past security incidents to recommend improvements
  • Proficiency in at least one programming or scripting language, such as Go, Java, Python, JavaScript, or Ruby
  • Practical knowledge of AWS cloud services and structure
  • English language fluency

Nice to haves

These aren’t required, but be sure to mention them in your application if you have them.

  • Business-level or higher proficiency in Japanese and/or Chinese
  • Program Management or Data Science experience
  • Strong knowledge of the AWS suite of security-related services with a certification as an AWS Security Specialist
  • Experience with the operation of cloud-based infrastructure and API security using services such as AWS EC2 security groups, AWS Web Application Firewall, or AWS Shield
  • Past work experience with cloud-based security services like AWS Security Hub, Amazon GuardDuty, Amazon Inspector, Amazon Detective, or AWS Config
  • Skills in infrastructure-as-code technologies, such as Terraform or CloudFormation
  • Exploit development, Red Team, or reverse engineering experience

Hiring Process

  1. Application review

    When you submit your application to SmartNews, it will be reviewed by our recruitment team, to make sure it is relevant to the position.

  2. Online coding test

    When you pass this initial screening, you’ll then be sent out an online coding test. The results of this test and your resume will then be reviewed in more detail by one of our engineers.

  3. Interviews

    After you pass this secondary screening, you’ll be invited in for a round of interviews, covering both behavioral and technical topics.

  4. Offer

    Once you’ve passed these interviews, we’ll make you an offer.

Meet SmartNews's Developers

Engineering freedom at SmartNews

with YuCheng Chen

YuCheng is a senior software engineer at SmartNews. He explains the freedom he enjoys at SmartNews: not only from a technical perspective, but also the influence he can have over the direction of the product.

Read his story...

Engineering management at SmartNews

with Cortland Klein

Cortland recently joined SmartNews as an engineering manager, where he leads a six person team. He talks about what drew him to the company, his role as a manager, and how they use matrix management to maximize their engineers’ success.

Read his story...

Being one of SmartNews’ first overseas hires

with Robert Speller

When Robert joined SmartNews as a software engineer, most of his colleagues were Japanese. Since then, it’s grown into an international organization where English is predominantly used.

Read his story...

Other Jobs at SmartNews

Related jobs

About SmartNews

Shibuya, Tokyo

SmartNews is a news app with 20 million monthly active users in the U.S. and Japan. We are a machine-learning company deeply committed to helping users find quality news beyond the filter bubble.

Key benefits

  • Not too big, not too small
  • Highly collaborative environment
  • International team

Other Jobs at SmartNews

📬 More jobs like this

I'll send you a digest of new English-friendly software developer jobs in Japan. Your email stays private, I don’t share or sell it.