Senior Security Engineer

  • Poznań
Work level
office or remote
Job Type
B2B 18 000 - 25 000
contract 15 000 - 20 900

Job description

Tasks and duties:

  • Consulting for commercial clients
  • Assessment and hardening of CI/CD pipelines and cloud-based infrastructures
  • Support for project teams in implementing the best security practices in the design, development, and maintenance of web and mobile applications
  • Conducting security audits, assessments, and pentests of web and mobile applications and cloud-based systems
  • Helping with implementation of security tools (i.e. vulnerability scanners, SAST, DAST etc.)
  • Performing security incident analysis, response, and remediation for cloud-based web applications
  • Upskilling other members of project teams
  • Working in one of these specializations:
  • Pentester
  • Cyber Security Consultant
  • Cloud Security Engineer
  • DevSecOps Engineer

We want you on board if you have:

  • Experience in analyzing attacks on web technologies and ability to identify their occurrences by analyzing events from servers and applications
  • Hands-on experience in the area of web application security
  • Ability to conduct risk analysis and threat modeling based on known types of vulnerabilities and attacks on web and mobile applications
  • Knowledge of best practices and standards in the field of software development (Software Development Life Cycle - SDLC) of web applications with particular emphasis on the principles of secure software development (i.e. OWASP ASVS)
  • Knowledge and experience in cloud security and best practices in an AWS/Azure/GCP environment
  • Knowledge of techniques in the field of penetration testing (reconnaissance, vulnerability analysis, pentesting tools, reporting)
  • Very good command of written and spoken English (B2 +).

Nice to have:

  • Experience with Linux administration, Docker, and cloud solutions like AWS or Azure
  • Experience working with tools such as SAST and DAST, vulnerability scanners, patch-level verifiers, etc.
  • Technical security certifications
  • Good knowledge of the CI/CD process and automation combined with its security assessment
  • Experience in pentesting
  • Experience in security for mobile applications
  • Practical knowledge of security requirements as defined in documents such as GDPR, ISO 27001, HIPAA, PCI-DSS, PSD/PSD2.

Perks & benefits:

  • Access to the WorkSmile platform offering benefits adapted to your preferences:
  • Multisport card,
  • Private health insurance package,
  • Life insurance,
  • And hundreds of other options to choose from 15 categories (shopping, leisure, travel, food, etc.)
  • Support for your growth - a book budget and a head/manager’s budget available to every employee,
  • Discounts on Apple products,
  • One-time 1000 PLN home office bonus,
  • Various internal initiatives: webinars, knowledge sharing sessions, internal conferences.

Joining Netguru as a Senior Security Engineer means:

  • Working in a team with strong security expertise
  • Working on interesting projects using the best technologies on the market
  • Ongoing development of your skills thanks to a dedicated development budget for workshops and conferences
  • Having a smooth start: your leader and a buddy will support you and mentor you
  • Enjoying flextime and flexplace: adjust your daily schedule to your individual needs — work from the office or from home
  • Working on the best equipment — we will provide you with a MacBook and additional accessories for your computer to make your work even more efficient and comfortable.

Must have

  • threat modeling
  • SDLC
  • AWS
  • Azure
  • GCP
  • penetration testing
  • English

Nice to have

  • Linux
  • Docker
  • SAST
  • DAST
  • CI/CD