IT Security
Denis Gorodnov
IT Security Team Lead

About the team

What comes to mind when you hear or read “IT security”? A cool hacker breaking into governmental systems? An annoying colleague from the department “over there” who does not allow you to use your favorite text editor? An anonymous twitterer showing screenshots from yet another user data leak? A figure in sunglasses with a briefcase full of compliance forms for you to fill in and sign? We are all of it, and none of it at the same time —. just a bunch of people of various backgrounds and a “but what if…” mindset.

Did you read other teams’ “about” pages? Did you notice a pattern that nobody lists security as the team they cooperate with closely? This is exactly as it should be. The no-nonsense and no “security” for the sake of security approach is the main driving factor in our team.

Operating 
with challenges

We participate in all stages of the solution lifecycle, from idea inception to service and technology sunset. We guide colleagues, collaborate with internal and external customers, raise awareness about security and privacy related topics and try to balance out business requirements with the potential challenges such requirements might introduce.

In short, we make sure the rest of the team do their jobs without introducing new and unnecessary risks and operate with all technical and legal challenges that may arise from internal and external, not necessarily purposefully malicious, actors.

“Shift left” is our current ambition, goal and daily bread.

How we work

Written standups, async communication, and information sharing are the foundational building blocks. Team members are allowed as much freedom and responsibility and have as much direction and help as they require. Security & Privacy is a vast landscape one cannot navigate alone.

We try to maintain a well-balanced system that can proactively work with threats and not bother our customers or colleagues too much.

“Shift left” is our current ambition, goal, and daily bread.
Check out our public bug bounty program here: https://showmax.engineering/teams/it-security/