Informacje o stanowisku

technologies-expected :

• iOS
• Android

• This job role is responsible for providing subject matter expertise in Penetration Testing to support wider Cyber Security efforts and organization. The successful candidate will operate as part of a global/regional team within the Cybersecurity organization to provide expertise, oversight and assurance around security process, controls, standards and regulatory requirements.

• Perform highly technical/analytical security assessments of custom mobile applications, widely understood infrastructure and networks, web services and APIs.
• Work closely with the DevOps teams to ensure that the security testing requirements are met and help automate repetitive tasks.
• Develop understanding of business functionality and apply testing methodology as appropriate to technologies and risks.
• Code and demonstrate basic proof-of-concept exploits of vulnerabilities when required.
• Assist with coordination of security testing projects according to a structured process, including writing test plans, test cases and test reports.
• Assess product release risk and complexity and identify potential misuse scenarios through review of business requirements and design specifications.
• Assist with tracking, remediation, and risk acceptance for identified security vulnerabilities.
• Assist in planning, test execution and vulnerability mitigation.
• Run evaluations of new security testing technologies and provide recommendations.
• Monitor security industry information sources and keep abreast of events, research, and developments.
• Identify opportunities to improve our processes, quality of the work and efficiencies.

• Be subject matter expert in at least 1 of penetration testing domains (i.e. infrastructure/apps/mobile).
• At least 5 years of prior demonstrable hands-on experience in penetration testing.
• Solid understanding of the platform security models for iOS and Android platforms.
• Excellent understanding of platform-specific security risks, common vulnerabilities for mobile applications, common risks in financial applications.
• Practical knowledge of penetration testing of widely understood infrastructure, web and mobile technologies, using manual and automated testing methods.
• Excellent TCP/IP knowledge and understanding of security implications/issues.
• Strong web application testing experience.
• Proven programming/scripting skills.
• Ability to explain security functionality from first principles.
• Ability to adapt and apply information to new scenarios and technologies.
• Strong understanding of applied use of cryptography in application development.

• Competitive salary
• Annual performance-based bonus
• Additional bonuses for recognition awards
• Multisport card
• Private medical care
• Life insurance
• One-time reimbursement of home office set-up (up to 800 PLN)
• Corporate parties & events
• CSR initiatives
• Nursery discounts
• Financial support with trainings and education
• Social fund
• Flexible working hours
• Free parking

• sharing the costs of sports activities
• private medical care
• sharing the costs of professional training & courses
• life insurance
• remote work opportunities
• flexible working time
• integration events
• corporate sports team
• doctor’s duty hours in the office
• retirement pension plan
• corporate library
• no dress code
• coffee / tea
• parking space for employees
• leisure zone
• extra social benefits
• employee referral program
• opportunity to obtain permits and licenses
• charity initiatives
• family picnics
• extra leave
• In-office gym

Kraków - Oferty pracy w okolicznych lokalizacjach