About the Role: We are looking for a highly curious and logical thinker who understands how modern web and application-level architectures work. This role is perfect for someone who loves breaking things to understand how they work — and then reporting it clearly. You don’t need certifications — we value real skills, out-of-the-box thinking, and hands-on experience with the latest attack vectors and tools. Responsibilities: Perform manual and automated application penetration testing on web apps, mobile apps, APIs, and thick clients Understand application logic deeply to identify business logic flaws Stay updated with the latest OWASP Top 10, SANS 25, and emerging attack vectors like SSRF chaining, prototype pollution, cloud misconfigurations, and more Write custom scripts and automate repeatable tasks to improve testing efficiency Clearly document vulnerabilities and communicate them effectively to customers, including risk impact and mitigation strategies Work closely with developers and customers to validate fixes and provide secure design suggestions Requirements: Strong understanding of web application architecture (frontend, backend, APIs, authentication/authorization flows) Ability to identify and exploit application-level vulnerabilities beyond scanners Knowledge of modern attack techniques (SSRF, IDOR, OAuth misconfig, JWT attacks, etc.) Familiarity with tools like Burp Suite, Postman, custom scripts (Python/bash), and automation frameworks Strong communication skills to report findings professionally and clearly Logical thinking, curiosity, and problem-solving mindset

Role Overview We’re seeking a skilled Django Developer to join our product engineering team. You will help scale our current system from a monolithic architecture to microservices, optimize our backend for multi-tenancy, and ensure secure and maintainable code practices. You will also collaborate with our frontend, DevOps, and security teams to deliver enterprise-grade capabilities. Key Responsibilities Develop and maintain scalable backend services using Django and Django REST Framework. Design secure and modular REST APIs for integration with frontend and third-party services. Implement and manage asynchronous task queues using Celery and Redis. Contribute to the transition from monolithic to microservices architecture. Define service boundaries and inter-service communication protocols. Ensure independent deployability, observability, and fault isolation of services. Design and implement multi-tenant logic (schema or row-level isolation). Ensure strict tenant-level data segregation and access control. Manage PostgreSQL schema design, query optimization, and indexing for performance. Handle database migrations and tenant-specific data flows. Work with GitLab for version control, branching, merge requests, and issue tracking. Collaborate on CI/CD pipelines using GitLab CI, Docker, and containerized deployments. Implement secure coding practices aligned with OWASP standards. Manage authentication/authorization using JWT and role-based access control (RBAC). Contribute to integration with SSO providers and OAuth-based authentication. Maintain technical documentation for APIs, services, and features. Write clean, maintainable, and well-documented code. Collaborate with cross-functional teams and participate in regular code reviews. Preferred Qualification 1–3 years of hands-on experience with Django and Django REST Framework. Strong understanding of PostgreSQL, Redis, and Celery. Experience with microservices and containerization (Docker). Familiarity with GitLab, CI/CD pipelines, and secure deployment practices. Exposure to multi-tenant SaaS environments and secure system design. Bonus: Experience with Django Channels, WebSockets, or background in cybersecurity/compliance.