👋 We are Tactful, a scale-up building and operating a cloud-native Customer Engagement Platform that helps businesses manage customer communications across all digital channels.
We enable teams to deliver fast, consistent, and high-quality customer experiences through a unified omnichannel layer and modern tooling. (Tactful AI)

🕓 Start Date: Immediate
📍 Location:  Sheraton, Cairo (Hybrid)
💰 Salary: 400 – 650 GBP
📌 Type: Full-time · Individual Contributor

🛠️ How the Hiring Quest Works

1️⃣ Register for the quest
2️⃣ You’ll receive full challenge instructions by email
3️⃣ Submit your solution before the deadline
4️⃣ Top candidates will be invited to a technical review session
5️⃣ One candidate will be hired — others may be considered for future roles

🔍 Who We’re Looking For

1. ✔ 3–5 years of experience in Application Security or related software security roles

2. ✔ Strong software development background

3. ✔ Hands-on experience with cloud infrastructure & systems (Kubernetes, Docker, AWS)

4. ✔ Solid experience across backend & frontend stacks (Node.js, Python, React, Vue)

5. ✔ Proven track record in penetration testing, AppSec, or security reviews

6. ✔ Comfortable threat-modeling complex, multi-tenant SaaS systems

7. ✔ Clear communicator who can explain risks, tradeoffs, and mitigations

🎯 Your Mission

You will complete an Application Security Validation Challenge focused on a realistic, cloud-native SaaS platform.

Your task is to demonstrate your ability to:

1. Threat model a multi-tenant SaaS system

2. Identify and prioritize security risks aligned with OWASP Top 10

3. Propose shift-left security mitigations

4. Simulate real application-level exploits

5. Clearly communicate security reasoning and decisions

📄 All challenge details, scope, and constraints are defined in this document:

🧰 What You Should Submit

Submissions must follow the Deliverables section exactly as defined in the challenge document

📊 Evaluation Criteria

Application & Cloud Threat Modeling — 25%
Risk Identification & Prioritization — 25%
Mitigation Quality & Practicality — 20%
Pentest Simulation & Fixes — 20%
Clarity, Structure & Communication — 10%

📩 After Submission

Top candidates will be invited to a technical review session with the engineering team.

👉 Final hiring decision within 3–5 business days after the review session.