Informacje o stanowisku

technologies-expected :

• JavaScript
• HTML
• CSS
• Java
• Python

• Review technical architecture and delivery for web and other client delivery platforms.
• Review current system security measures and recommend or implement enhancements.
• Review and contribute to application designs and solutions.
• Identify and define application security requirements and security baselines.
• Support application security team with static and dynamic code analysis.
• Perform manual and automated penetration tests and retests of web and mobile applications.
• Review developers’ code, provide feedback and perform security assessments for consumer-facing applications, services and future technology.
• Triage risk of identified vulnerabilities and findings.
• Work with external penetration testers, oversee ongoing pentests and exercises, work with application engineering teams on remediation of found vulnerabilities.
• Participate (as a subject matter expert) in information security operations duties, including occasional incident response escalations.
• Evaluate, deploy and support application security technologies, processes and workflows on multiple platforms (server, client, mobile, tablet etc.).
• Work collaboratively and proactively across the organization (e.g., Technical Architects, Engineering Leads, Product Owners etc.) to support and remediate security gaps.

• 3+ years of product/application security work experience.
• Knowledge of common security principles for web application architectures.
• Knowledge of practical threat modeling for consumer applications.
• Experience in code reviews, business logic assessment, and application security testing.
• Solid understanding of security protocols, cryptography, data security, networking, access control, client and server-side protections.
• Broad knowledge of security technologies, processes, and techniques and a strong understanding of application security leading practices including OWASP and CWE.
• Familiarity with HTML/CSS, JavaScript and UI/UX design and software quality assurance principles.
• Hands-on experience working with DevOps and Agile driven product teams.
• Familiarity with application security tools like BurpSuite Pro, SAST/DAST, nmap, Metasploit, and Kali Linux.
• Experience in secure software development principles in various languages (Java, Go, JavaScript, Python etc.).
• Excellent communication and presentation abilities with great attention to detail.
• Demonstrated ability to explain risks and vulnerabilities to both technical and non-technical audiences.
• Languages: Fluent English and Polish.

• Contract of employment
• Hybrid work model (3 days from the office, 2 days from home)
• Free access to Max
• Benefit package: private medical health care, life insurance, MyBenefit cafeteria including sport card, social funds, retirement pension plans, recognition platform, employee referral program
• Work-life balance initiatives: wellbeing platform, yoga, educational webinars, Employee Assistance Program, internal media initiatives
• Training & development: sharing the cost of English lessons, Employee Resource Groups, Bridge learning platform, sharing sessions with experts
• CSR activities: volunteering, eco & social initiatives
• Casual dress code
• Parking available for booking

• private medical care
• life insurance
• flexible working time
• corporate products and services at discounted prices
• no dress code
• parking space for employees
• employee referral program
• charity initiatives
• Cafeteria benefit system
• partial home office

Warszawa - Oferty pracy w okolicznych lokalizacjach