About the project

• This job role is responsible for providing subject matter expertise in Penetration Testing to support wider Cyber Security efforts and organization. The successful candidate will operate as part of a global/regional team within the Cybersecurity organization to provide expertise, oversight and assurance around security process, controls, standards and regulatory requirements.

Your responsibilities

• Perform highly technical/analytical security assessments of custom mobile applications, widely understood infrastructure and networks, web services and APIs.
• Work closely with the DevOps teams to ensure that the security testing requirements are met and help automate repetitive tasks.
• Develop understanding of business functionality and apply testing methodology as appropriate to technologies and risks.
• Code and demonstrate basic proof-of-concept exploits of vulnerabilities when required.
• Assist with coordination of security testing projects according to a structured process, including writing test plans, test cases and test reports.
• Assess product release risk and complexity and identify potential misuse scenarios through review of business requirements and design specifications.
• Assist with tracking, remediation, and risk acceptance for identified security vulnerabilities.
• Assist in planning, test execution and vulnerability mitigation.
• Run evaluations of new security testing technologies and provide recommendations.
• Monitor security industry information sources and keep abreast of events, research, and developments.
• Identify opportunities to improve our processes, quality of the work and efficiencies.

Our requirements

• Be subject matter expert in at least 1 of penetration testing domains (i.e. infrastructure/apps/mobile).
• At least 5 years of prior demonstrable hands-on experience in penetration testing.
• Solid understanding of the platform security models for iOS and Android platforms.
• Excellent understanding of platform-specific security risks, common vulnerabilities for mobile applications, common risks in financial applications.
• Practical knowledge of penetration testing of widely understood infrastructure, web and mobile technologies, using manual and automated testing methods.
• Excellent TCP/IP knowledge and understanding of security implications/issues.
• Strong web application testing experience.
• Proven programming/scripting skills.
• Ability to explain security functionality from first principles.
• Ability to adapt and apply information to new scenarios and technologies.
• Strong understanding of applied use of cryptography in application development.

Technologies we use

What we offer

• Competitive salary

• Annual performance-based bonus

• Additional bonuses for recognition awards

• Multisport card

• Private medical care

• Life insurance

• One-time reimbursement of home office set-up (up to 800 PLN)

• Corporate parties & events

• CSR initiatives

• Nursery discounts

• Financial support with trainings and education

• Social fund

• Flexible working hours

• Free parking