Application Security Analyst
Who we are:
We have rapidly grown into a truly global company since our launch in 2008 and we’re continuing to grow. Our family now includes partner boutiques and brands across Europe, North and South America and Asia; we demonstrate our ‘Think Global’ value in everything we do.
We are a global team of over 1,500 people and have offices based in London, New York, L.A., Porto, Guimaraes, Lisbon, Sao Paulo, Shanghai, Moscow, Hong Kong & Tokyo.
We are a company with an entrepreneurial spirit and innovative culture. We are positive, passionate and live our values: Be Human, Be Brilliant, Todos Juntos, Be Revolutionary, Think Global and Amaze Customers day to day.
Our world-class Technology team is at the core of what we do- they both help support the running of the current business as well as explore new and exciting technologies that keep Farfetch truly revolutionizing the industry. Split across 3 main offices- London, Porto and Lisbon, the tech hub is the fastest growing team working across all touchpoints, Web, Mobile, and Instore. The teams are committed to turning the company into the leading multi-channel platform and are constantly looking for brilliant people who can help be part of the experience.
Our security team strives to create and maintain a safe operating dimension for Farfetch’s users and developers. We live in world where security is one of the most important things and we want to do our best to protect network boundaries, keep computer systems and network devices hardened against attacks and provide security services to protect highly sensitive data
The security team in Farfetch is seeking a passionate hacker who loves to reveal potential weaknesses and then think on creative solutions to eliminate those weaknesses.
Your skills are going to help the foundation of security initiatives that protect the security and privacy of our clients. You will be relied upon to provide engineering and product teams with the security expertise necessary to make confident product decisions. Let’s see how fast the bad guys run!
What you'll do:
- Perform penetration testing on in-house developed Web and/or Mobile Applications;
- Design POC’s of possible attacks related to the discovered vulnerabilities;
- Provide training to development teams on best practices around OWASP Top10;
- Help development teams with static code analysis report reviews and best fixes;
- Promote initiatives to strengthen our Security Champions community;
- Help to maintain our Secure Software Development Life Cycle in all their different stages.
Who you are:
- A graduate of a program in Computer Science, Information Security, or a related
- A professional with background in software development or application
- pen testing;
- A professional with more than 3 years in a similar position or in another
- information security field;
- Passionate about problem-solving with strong analytical skills;
- Holder of certifications in Information Security (OSCP, CEH or similar);
- A self-motivated team player who can work with minimal supervision;
- Fluent in English (written and spoken).
We love hearing from you and want you to be as ambitious as we are, but before applying please ask yourself the following…
- Is this role a good match for me and my long-term goals? We want to really know why you have chosen this career.
- Do I have all the skills and experience required for this role? Be realistic. We will only consider applications that demonstrate relevant skills or the potential to match the role requirements.
- Spell Check. As simple as it sounds make sure your application is of the highest standard. You will be surprised at how many applications we receive with spelling mistakes on them.
We are committed to equality of opportunity for all staff, applications from individuals are encouraged regardless of age, disability, sex, gender reassignment, sexual orientation, pregnancy and maternity, race, religion or belief and marriage and civil partnerships.