Remote IT Security Engineer

Posted

This job is closed

This job post is closed and the position is probably filled. Please do not apply.  Automatically closed by a robot after apply link was detected as broken.

Description:

  • Analyze clients’ needs regarding the secure architecture, data flows, user stories, and infrastructure, and present recommendations during calls with clients and teams.
  • Implement security controls into the Software Development Lifecycle: design, development, CI/CD, testing.
  • Define non-functional and functional requirements for applications based on the security frameworks and standards: CIS, NIST, OWASP.
  • Spread best practices in the area of the application security in development in teams.
  • Analyze incidents in project and tools, suggest action points, look for root causes of those incidents.
  • Perform security assessments and audits of applications (web and mobile), cloud infrastructure.
  • Prepare and maintain policies and documentation on security controls in the software development.
  • Optionally, based on your skill, you may perform cloud and mobile applications’ penetration testing.
  • Optionally, based on your skill, you may create functional and non-functional requirements for applications’ architecture and infrastructure based on compliance in health tech, fintech, privacy protection.
  • Optionally, based on your skill, you may support internal Information Security teams in ISO 27000-family and privacy-related cases.

Requirements:

  • Proficiency in English (speaking and writing): min. B2+ CEFR.
  • Knowledge of well-architected secure patterns in application and infrastructure designs, including cloud providers: AWS, Azure, GCP.
  • Knowledge of CI/CD concepts.
  • Knowledge of protocols used in the Internet on the level which allows debugging and incident response.
  • Knowledge of cryptography concepts.
  • Great communication skills, both to technical personnel and executives/business owners.
  • Knowledge of security frameworks and standards: CIS, NIST, OWASP ASVS, OWASP MASVS.
  • Knowledge of security assessments and testing tools for infrastructure, web applications, mobile applications: Burp Suite, OWASP ZAP, MobSF, Trivy, Prowler.
  • Nice to have: Cloud-related security certifications, for example: Microsoft AZ-500, AWS Certified Security Specialty, Google Professional Cloud Security Engineer.
  • Nice to have: Penetration testing skills, ideally confirmed with penetration testing certificates: eWPT, GWAPT, OSCP.
  • Nice to have: Knowledge of ISO 27000-family framework and controls.
  • Nice to have: Knowledge of EU regulations: GDPR, NIS2, CRA, DSA, USA regulations: HIPAA, HiTech, Final Omnibus Rule.
  • Nice to have: Former experience as a DevOps, Cloud Engineer.

Benefits:

  • Access to the WorkSmile platform offering benefits adapted to your preferences.
  • Support for your growth - a head/manager’s budget available to every employee.
  • Discounts on Apple products.
  • One-time PLN 1000 home-office bonus for B2B contractors, and PLN 175 monthly lump sum (ryczaÅ‚t) for remote employees.
  • Various internal initiatives: webinars, knowledge sharing sessions, internal conferences.
About the job
Posted on
Job type
Full-time
Salary
zł 10,000 - 19,200 PLN / month
Location requirements
Poland - Remote Europe - Remote
Position
Cybersecurity Engineer
Experience level
Senior
Technology stack
CI/CD AWS Azure GCP
N
Netguru's company logo
Netguru
View company profile Visit netguru.com
Leave a feedback