Oferty pracy

Information Security Engineer (DevSecOps)

TeamQuest is a Polish, fast growing Company, more than 10 years dealing with complex human resources services, especially in the recruitment of IT specialists.
Our Client is a global payment services provider and e-commerce platform used by over 30,000 of global websites. He has been on the market for over 20 years and processes over a billion dollars in transactions annually. Despite his global expansion which has started in 2002, our Client has continued to treat every team member as one of the family, and build collaborative work environments and communications that rely on mutual understanding, trust and respect.
Information Security Engineer (DevSecOps)
CITY Gdańsk
Ref. number: 41950#20100076
Responsibilities:
  • Provide analytical and technical security recommendations to other team members, oversight boards, and clients. Identify requirements, based on needs or resulting from a security issue that puts the organizations systems at risk.
  • Perform network penetration, web application testing, source code reviews, threat analysis, wireless network assessments, and social engineering assessments.
  • Meet with clients and management to help specify and negotiate application security requirements, review current policies and procedures for applicability, maintain system OS security patch levels, and ensure the safe transition of applications to production.
  • Develop technology to automate security monitoring.
  • Recommend effective security configurations and architecture to active members in technical workgroups.
  • Liaise with the Enterprise Architect, Network Engineering, and Enterprise Management Teams to effectively communicate and architect security solutions.
  • Develop documentation to support ongoing security systems operations, maintenance, and specific problem resolution.
  • Work and coordinate with traditional information security teams to share ideas with the goal of maintaining proper company-wide security standardization.
  • Provide risk analysis for product features and architecture decisions.
Requirements:
  • 3+ years" experience working with information security issues affecting financial service organizations and cloud-based application service providers.
  • Expertise in TCP/IP, web architectures, and technologies such as HTML, JavaScript, XML, REST, PHP, and API Gateway.
  • Extensive experience in systems administration, security DevOps processes, system hardening, and patch management strategies.
  • Experience with system automation frameworks (Puppet, Terraform) and CICD pipeline (Jenkins, GitLab CI/CD).
  • Knowledge of cloud-native technologies, key management solutions, and networking strategies.
  • Specific security-related experience including data-at-rest encryption, certificate validation, IDS/IPS, firewalls, SIEM and log management, Syslog analysis, HTTP and TCP/IP analysis, and vulnerability assessments including cross-site scripting, SQL injection, cross-site request forgery, HTTP response splintering, the OWASP Top 10, and SANS Top 25.
  • Bachelors degree in information security, information assurance, computer science, management information systems, computer information systems, or a related discipline.
  • Possess at least one of the following professional designations (or one of similar stature):
    • Certified Information Systems Security Professional (CISSP).
    • Certified Information Security Manager (CISM).
    • Certified Information System Auditor (CISA).
    • Certified Information Security Manager (CISM).
    • Certified in the Governance of Enterprise Information Technology (CGEIT).
  • Excellent verbal and written communication skills in English.
  • Ability to communicate with and understand the needs of non-technical internal and external clients.
We offer:
  • Opportunity to work in a stable, international company (US) that has been on the market for over 20 years
  • Attractive and competitive salary
  • Remote work
  • Additional benefits: of course! Our Customer is open to the needs of employees - if you need any, just say.
In the uploaded materials please add the following clause: "I hereby give consent for my personal data to be processed for the purposes of recruitment, in accordance with the Personal Data Protection Act dated 29.08.1997 (uniform text: Journal of Laws of the Republic of Poland 2016 No 922). I agree to share my personal information for potential employers. I hereby confirm that the data above is true and consent to the processing and managing my data given to TeamQuest Sp. zo.o. with its seat in Warsaw, zip code 00-814 , Miedziana 3A No 21 for staff recruitment purposes. I furthermore declare herein that I was informed that TeamQuest with its seat in Warsaw, Miedziana 3A 49 No 21 is the Administrator of my data and that my data can be submitted to potential employers and that I have the right to not only access and correct it, but also object to its processing for the above described purpose and its submission to 3rd party companies, as well as insist on the cessation of the processing of my data. The submission of personal data is optional. Simultaneously, I consent to the verification of the documents and information provided by me. We kindly inform you that we will only respond to selected applications.
TeamQuest has been added to the register of entities conducting employment agencies by the Marshal of the Mazowieckie Voivodship under the number 11118.



Zobacz podobne oferty