Ta oferta pracy jest już nieaktualna.
Zapraszamy do wysłania życiorysu - skontaktujemy się w przypadku wznowienia projektu lub podobnej oferty.
Zapraszamy do wysłania życiorysu - skontaktujemy się w przypadku wznowienia projektu lub podobnej oferty.
Responsibilites:
- Performing internal audits of infrastructure and code (taking part in code reviews of critical system parts)
- Performing internal pen testing
- Working with DevOps engineers and the rest of Infrastructure Team to ensure an appropriate level of security across the whole infrastructure
- Guiding development teams towards Secure Software Development Lifecycle
- Taking part in design and implementation of company security policy
- Working with QA Engineers to ensure security testing is conducted correctly
- Coordinating with external providers of security-related services
- Verifying security aspects of new projects and integrations with partners
- Ensuring new projects are compliant with company security policy and GDPR
- Taking a leading role in the internal security response team (assess discovered vulnerabilities, prepare a response for clients, etc.)
Desired skills & experience:
- Deep knowledge of security issues specific to web services and web applications
- Practical knowledge of Linux and its security features (privilege separation and permission model, SELinux, identity management)
- Understanding of common IT security issues both from a technical and business perspective
- Completion of OWASP training (or equivalent knowledge)
- Proficiency in at least one programming language
- Thorough understanding of IP networking stack (both IPv6 and IPv4), common application protocols (SSH, HTTP, DNS, SMTP, LDAP, Kerberos, etc.), and tunneling/VPN protocols (IPsec, OpenVPN)
- Understanding of PKI, X.509 and TLS
- Ability to quickly learn and adapt to new technologies
- Tech stack:
- PHP 7-8.1, Symfony, MySQL, MongoDB, Redis, Keycloak, Elasticsearch, PHPUnit, Behat
We offer:
- Innovative environment delivering SaaS software used by fast-growing e-commerce/logistics industry
- A highly motivated team with a strong focus on personal growth and open communication
- The opportunity to work cross-functionally and closely with senior leadership
- Competitive salary
- The ability to choose the work model (office, hybrid, remotely) according to your needs
Good to have skills:
- Knowledge of PHP and JavaScript
- Experience with cloud environment and its specific security issues
- Familiarity with ISO 27001
- Participation in CTF events
- Running Linux on a personal workstation
- Having personal open-source projects