Let’s make online banking safer!
Krakow-based opportunity with the possibility to work 100% remotely!
As a Cybersecurity Consultant – Secure Development Lifecycle, you will be part of a global team within the Cybersecurity organisation. Together with the team od brilliant engineers you will analyse and execute activities around Cybersecurity process, controls, standards and regulatory requirements.
Your key Responsibilities:
- Contributing in developing and adopting security utilities and tools that will enable development teams to operate more efficiently and securely
- Being “hands on” with technology and contributing in the design, development and support development teams with security recommendations and adoption of tools
- Contributing in process, procedures and tool identification/development
- Liasing with Developers, Project Managers to understand the working of an application, how effectively they are implemented and where security mechanisms are employed
- Staying up to date within the industry of new trends, and best practices
- Liaising with key stakeholders and peer teams within Technology to ensure key data points, such as accurate inventory data, are both appropriately defined and delivered.
- Training Development teams on Security tooling platforms
You’re ideal for the role if you have:
- 3+ years of experience within Cybersecurity role
- Experience with DevSecOps, Cybersecurity tooling, Secure SDLC, Risk assessment and/or security testing/ethical hacking, Security Architecture
- Strong understanding of general security concepts and principles and application specific security concepts and principles
- Hands on knowledge of Software Development Life Cycle (SDLC) with a focus on security
- Excellent understanding of platform-specific security risks, common vulnerabilities for web and mobile applications, microservices (REST, SOAP) architecture and their mitigations
- Working knowledge of security flaws in Java, J2EE, Objective C, Swift and Kotlin programming languages
- Strong security understanding of common public cloud environment (including AWS, GCP, Azure, Alicloud)
- Knowledge of Common Vulnerability Scoring System (CVSS)
- Proficiency with industry tooling, for example: Tenable.io, Nessus, Checkmarx, Netsparker, Kryptowire, IriusRisk, Aqua, etc.
It is a strong plus if you have:
- Understanding of emerging technologies and its corresponding security threats
#GETREADY to meet with us!
We would like to meet you. If you are interested please apply and attach your CV in English or Polish, including a statement that you agree to our processing and storing of your personal data. You can always also apply by sending us an email at firstname.lastname@example.org.
Internal number #3288