Staff, Security Engineer - Coupang Play
Coupang
2 months ago
Seoul, Korea, South
Staff+
H1B Sponsor
Responsibilities
- Lead security initiatives to protect core assets and data from evolving threats.
- Act as a subject matter expert in security technologies throughout the software development lifecycle.
- Develop and maintain security-focused libraries, tools, and automation scripts.
- Collaborate with engineering teams to implement Secure-by-Design principles.
- Participate in code reviews focusing on identifying and fixing security vulnerabilities.
- Work with software and platform engineers to define and apply security policies and standards.
- Conduct security threat modeling for new and existing applications.
- Evaluate, recommend, and implement security and governance tools.
- Lead penetration testing and vulnerability assessments.
- Act as the lead responder for security incidents, performing detailed analysis and forensic investigations.
Requirements
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
- Strong software engineering skills with experience in building secure applications and services.
- Ability to write, review, and optimize secure code, including secure coding patterns and input validation.
- Deep understanding of cryptography, PKI, secure authentication protocols, and authorization in microservices environments.
- Expertise in network security, including firewalls, VPNs, WAF, and micro-segmentation.
- Experience integrating security guardrails and tools into design/coding work and CI/CD pipelines.
- Security experience with services operated by major cloud providers (AWS, Azure, GCP).
- Proficiency in at least one scripting language (Python or Bash) and one general-purpose programming language (Go or Node.js).
- Excellent documentation and communication skills, able to articulate complex security risks to technical and non-technical audiences.
- Strong project leadership and prioritization skills.
Tech Stack
AWSAzureBashGoGoogle Cloud PlatformNode.jsPython
Categories
Security