This job listing expired on Nov 25, 2022
Multiple Locations: Wroclaw, Warsaw
Your daily tasks:
- cooperating closely with IT department to supervise the process of vulnerability management,
- maintaining company’s systems and networks environment by applying security patches and upgrades,
- defining a framework for security design and designing security reviews,
- developing relevant application security training for internal stakeholders,
- improving secure coding practices and application security requirements,
- integrating threat modeling practices into the Software Development Lifecycle,
- providing vulnerability remediation guidance and mentoring to product development and technology engineers,
- maintaining an active understanding of industry practices for secure software development and incident response,
- performing malware analysis and active ransomware protection,
- documenting and standardizing testing methodologies and tool sets,
- developing a strong understanding of cybersecurity best practices and IT processes,
- constantly identifying areas for improvement and driving all changes that are required,
- educating colleagues on information security topics such as policies, standards, guidelines and best practices, and incident remediation.
You meet our expectations if you have:
- proven long-time experience in cyber security,
- BSc in Computer Science, Math or Physics,
- solid understanding of application security,
- significant experience in cloud security architecture,
- knowledge of information security technologies such as security design review, threat modeling, risk analysis, and software testing techniques,
- experience in application risk assessment and risk categorization,
- working knowledge of vulnerability scanners (Nessus, Qualys, Acunetix etc.),
- experience with SAST, DAST, IAST, SCA and fuzz testing tools,
- experience with driving and implementing secure development practices in to SDLC (SSDLC),
- well versed with TCP/IP stack and network protocols,
- high level knowledge of cryptography concepts,
- high level knowledge knowledge of different security systems (firewall, IDS/IPS, SIEM, WAF, ATP, DLP),
- experience with malware detection and ransomware prevention,
- experience with code auditing,
- proficiency in at least two of the following: Unix, GNU/Linux, MS Windows,
- familiarity with one or more languages (Java, Javascript, C++, C#, Python, Perl).