Striving for excellence is in our DNA. Since 1993, we have been helping the world’s leading companies imagine, design, engineer, and deliver software and digital experiences that change the world.
We are more than just specialists; we are experts.
ABOUT THE PROJECT
As an application / information security engineer, you will help EPAM's clients to assess the security level of their infrastructure, web and mobile applications.
This position will require advanced technical depth and experience, technical leadership, and multi-faceted communication skills.
Scope and tasks may vary depending on customer needs. You may be involved in the full project security lifecycle, from analysis and planning to development and deployment, as well as assisting with pre-sales opportunities and delivering security-related training.
Along with this, you may be engaged to perform short-term pentests: either an internal penetration test, in which you act as an insider, or an external penetration test, in which you simulate an attack via the Internet.
Both engagement types may require either penetration testing or vulnerability assessment.
Responsibilities
Scope and estimate tasks, as well as manage multiple tasks with minimal supervision
Demonstrate considerable knowledge of planning and team management specific to security assessment
Conduct vulnerability assessments and penetration testing
Collaborate with technical and management personnel across the full security assessment life cycle
Utilize problem-solving skills, especially when troubleshooting complex issues, while identifying options and/or alternatives
Document all disclosed issues using different reporting formats
Provide remediation suggestions to correct disclosed issues
Collaborate with personnel responsible for writing and presenting proposals to prospective clients
Manage and contribute to planning, coordination and successful completion of security engagements
Requirements
At least 1 year of practical proven experience in penetration testing
Ability to perform evaluation of application requirements, processes, technologies
Ability to select, educate and communicate the right solution based on client requirements and objectives
Experience with different exploitation tools and frameworks (Metasploit, BeEF, sqlmap, etc.)
Experience with different vulnerability scanners (Acunetix, Nessus, etc.)
Ability to resolve technical problems when required
Ability to develop custom scripts needed for specific assessment purposes (Python, bash, PowerShell)
Ability to explain assessment results to technical and non-technical personnel
Experience in development of security-related documentation
Experience in security testing of Web Applications based on different technologies (.Net, Java, PHP)
Experience in security testing of Web Services (SOAP, RESTful)
Nice to have
Certification in security field
Understanding of and practical experience in the security audit process, meeting security compliance requirements (ISO, PCI DSS, HIPAA) and methodologies (OSSTMM, OWASP, PTES)
Previous experience as software engineer, or knowledge of software development methodologies is desired, but not mandatory
Ability to develop, implement and guide the security assessment process on the project
Experience in security testing of Mobile Applications (iOS, Android, Windows Mobile)
Experience in security testing of infrastructure
We offer
Vast opportunities for self-development: online courses and library, experience exchange with colleagues around the world, partial grant of certification
English language classes
Polish language classes for foreigners
Career development center
Unlimited access to LinkedIn learning solutions
Possibility to relocate for short and long-term projects (ex. to USA or Switzerland)
Benefit package (private insurance, health care, multisport, lunch tickets, shopping vouchers, etc.)
Possibility to be involved in an international project
Remote work options
Relocation package for foreign applicants as well as for people relocating within Poland
Please note that only selected candidates will be contacted