Informacje o stanowisku

Social network you want to login/join with:

Automated Security Scanning Analyst, Torun

Client: Groupe SII

Location: Torun, Poland

Job Category: Other

EU work permit required: Yes

Job Reference: 314c70203e73

Job Views: 52

Posted: 23.01.2025

Expiry Date: 09.03.2025

Job Description:

Join the Cybersecurity team of one of the largest financial institutions in the world. You will be a key part of the Secure Development team, reporting to the Global Head of Secure Development Lifecycle Support. You will be responsible for providing the security tooling for security scanning services.

Your Role:

1. Contributing to developing and adopting security utilities and tools that enable development teams to operate more efficiently and securely.
2. Designing, developing, and supporting development teams with security recommendations and adoption of tools.
3. Identifying and developing processes, procedures, and tools.
4. Liaising with Developers and Project Managers to understand the workings of an application.
5. Staying up to date within the industry with new trends and best practices.
6. Training and supporting developer and security champion activities to improve the quality of security scanning services to maximize the benefit for application teams.
7. Overseeing changes in the risk profile through the development of metrics and analysis of risks and controls.
8. Supporting the team with activities such as quality reviews, audit requirements, and service desk management.

Your Skills:

1. Understanding of integration and automation of various security technologies including SAST, DAST, MAST, IAST, container security tools within the DevOps tooling pipeline.
2. Proficiency in one or more industry security tooling.
3. Hands-on experience in DevSecOps with a focus on security.
4. Solid experience with platform-specific security risks, common vulnerabilities for the web, and architectures commonly used by mobile applications (HTML, XML, JavaScript, JSON, REST, Microservices, etc.).
5. Knowledge of security flaws in Java, J2EE, Objective C, Swift, and Kotlin programming languages.
6. Familiarity with common public cloud environments including AWS, GCP, Azure, Alicloud.
7. Significant experience with implementing vulnerability identification tools within the development pipeline.
8. Previous work with Vulnerability Scoring System (CVSS).
9. Experience with emerging technologies and their corresponding security threats would be beneficial.
10. English at an advanced level.

Toruń - Oferty pracy w okolicznych lokalizacjach