Senior Cyber Security Engineer
Rocket Travel is looking for a Senior Cyber Security Engineer to join our rapidly growing global workforce. Remote employment is an option for this role.
In this position, you will report to our Director of Engineering for Infrastructure and Tooling, and work alongside a number of our engineering teams to evaluate and improve our application security.
Rocket Travel is a place where you:
- Work with a group of intrinsically motivated people with a track record for building successful new businesses from scratch.
- Embody curiosity, community, and accountability. We live and build products by these values every day.
- Own decisions and take action that can be implemented in a matter of days (or hours).
- Get inspired and encouraged to vacation faster, with an annual vacation stipend.
- Receive a competitive compensation package, including bonus, 401k with match, flexible vacation time, maternity and paternity benefits, health, and dental insurance.
- Total Compensation is based on experience - Salary: $95k - $135k + Bonus: 15% - 20%
- Can have the option to work remotely. Though we have great offices in Chicago’s West Loop and in NYC’s Empire State building, we have a hybrid team, a flexible work environment, and we welcome full-time remote applicants, too.
- Share your passion for travel with equally adventurous teammates.
- Work within the largest online travel company in the world. Rocket Travel creates B2C and B2B2C travel products and is part of Booking Holdings (BKNG). We have many worldwide partners and a diversified business. Despite the world’s current situation, Booking Holdings has been rated the healthiest company in travel, and Rocket itself is already seeing travel demand surpass pre-pandemic levels
As a Senior Cyber Security Engineer, you will:
- Manage our bug bounty program, verifying and triaging.
- Work with engineering to fix vulnerabilities and verify remediation.
- Work with devops and engineering teams to add secure code analysis into our deploy pipelines.
- Participate in design review of new features to ensure security and privacy are considered.
- Configure internal security tools that help detect and fix security problems at scale.
- Play a lead role in designing our application security controls and standards.
About you:
- Expertise in application security domain and cloud architecture security.
- In-depth knowledge of common web application vulnerabilities (i.e. OWASP Top 10) and of OWASP ASVS.
- Experience testing web applications to find vulnerabilities and demonstrate how they can be exploited.
- Experience with triaging vulnerabilities, fixing them, and re-testing them to check for regressions.
- Experience with automated dynamic scanners and proxy tools.
- Understanding of application security in context of SDLC and CI-CD.
- Interest in offensive and defensive application security tactics.
- Proficiency in one or more programming or scripting languages such as Python, Bash, Go, etc.
- Familiarity with secure design models and experience with security design review.
- Experience with cloud-based web applications (AWS a plus) and cloud security best practices.
- Effective communication skills (verbal and written), to convey technical and non-technical concepts to a variety of audiences.
- You love to travel & have or will obtain a valid passport. Rocket loves sending their people to train and work with others in some of our global locations from time to time. Not a frequent request but just in case, we'd love to know you might have interest.
About Rocket Travel
We make travel more rewarding than anyone else
Rocket Travel awards customers for booking travel through our products, allowing people to earn or use loyalty benefits from their favorite loyalty programs.
Our journey
We began in 2013 with the same goal of making travel even more rewarding. This started with our bespoke Rocketmiles website, earning travelers their favorite airline loyalty miles for hotel bookings, and every year since, we’ve advanced our goal.
We now partner with over 60 loyalty programs that travelers can choose from, we build unique partner-branded travel sites, we offer the ability to earn and redeem loyalty rewards, we sit within Booking Holdings—the most experienced Group of travel companies in the world—and we continually grow the number of ways that people can book travel through us, from stays to cars and more.
Travel constantly evolves, opening additional opportunities to create rewarding experiences, and we intend to be at the forefront of building and innovating on those for travelers worldwide.
A diverse and global team
Our teammates work across the globe, in person and remotely. We have offices in Chicago, NYC, Bangkok, Bogota, Kuala Lumpur, Manila, and Cebu. No matter where people work, our main team-building goal is to create a diverse, equitable, and inclusive environment. We do that with a Diversity and Inclusion Committee, setting DEI hiring goals, investing in employee retention, and conducting regular team training that fosters collaboration and morale.
All of these efforts help ensure that we’re promoting a supportive workplace, where people are motivated to grow professionally and build rewarding travel experiences together.
Note on general employment requirements
Candidates should be authorized to accept employment in the US from any employer, should be willing to start within three weeks of accepting an offer, and should be able to work the same daily working hours as our Chicago office.
A final word
If the idea of working within an environment that promotes accountability, curiosity, and community to build reward travel products sounds motivating to you, we would love to hear from you—even if you’re unable to meet 100% of the job requirements. We never expect people to have all of the answers, as long as they’re willing and able to learn and grow with us.
#BI-Remote