Ready to learn more about us?We were founded in 2010 with a dynamic and agile start-up spirit. The trust of around 30 million customers and 250,000 sellers has made us the first decacorn in Turkey. Our success is backed by renowned investors such as Alibaba, General Atlantic, Softbank, Princeville Capital and several sovereign wealth funds. In 2022, we opened our first dedicated international office in Berlin and expanded to Amsterdam, Luxembourg and London. And that's just the beginning!
Tech at the rootWe believe that technology is the driver and e-commerce is the outcome. Thanks to the dedication of our team, we have become one of the top 5 e-commerce companies in EMEA and one of the fastest growing worldwide. We currently deliver over 1.5 million parcels daily to 27 countries.
Growth is in our DNAAs a young and dynamic company, we are constantly growing and expanding. With Trendyol Tech, one of the leading R&D centres, Trendyol Express, the fastest growing delivery network, Dolap, the largest platform for second-hand goods, and Trendyol Go, our instant food and grocery delivery service, we are gearing up to become the world's leading e-commerce platform.
Focused on positive impactOur vision goes beyond business success. We strive to make a sustainable and positive impact on our customers, business partners, and society. By digitizing merchants and SMEs, helping businesses grow, and promoting women's economic empowerment, we are dedicated to creating a better future.
ABOUT THE TEAMIf you are a techie, you belong in our Technology Team that builds scalable, high-performance platforms for our customers using up-to-date and efficient technologies.
We are all working with the same purpose: To create a positive impact in our ecosystem by enabling commerce through technology.
Your Main Responsibilities
- Collaborate with the Development and DevOps teams to implement security controls in the SDLC (Software Development Life Cycle) and Software Supply Chain
- Secure Coding Development, Threat Modelling, Security Tool Management in CI/CD (SAST, DAST, SCA, IaC, CS, ASO, IAST, etc.), CI/CD Posture Security, Dependency Management, etc.
- Collaborate with the DevOps team to implement security best practice on container, Kubernetes and cloud environment
- Secure Container Images, Container Orchestration Policy Management, Mesh, Vault, Git etc.
- Develop tools/scripts for repeatable application security task
- Discovering web application assests and scanning periodically
- Community contribution like developing tools, finding vulnerabilities on public projects, etc.
Qualities We Are Looking For
- Being an agile minded team player
- Eagerness on self-improvement, open-minded, future-oriented
- Knowledge of the following: OWASP TOP 10 K8S, OWASP TOP 10 CI/CD, OWASP TOP 10 and OWASP ASVS
- Technical Knowledge of following Secure SDLC practices and execution: Secure Coding Educations, Security Tool Integration CI/CD(like SAST, SCA, IaC, IAST, ASO, CS), Threat Modelling, etc.
- Technical Knowledge of Software Supply Chain Security concept and requirements: Dependency Management, CI/CD Posture Security, etc.
- Technical Knowledge of container, container orchestration platforms and common cloud technologies: Preparation of Vulnerability-Free Container Images, Image Signing, Kubernetes Policy Management, CNAPP, GitOps etc.
- Development experience for repeatable tasks with any popular language go, python, bash, etc.
- Technical Knowledge of understanding vulnerability risks & remediations
