Nr ref.: LP/OSITSE/ZD/08
The Security Expert will be utilized as a shared skill between several teams which are releasing customer-faced applications. The main goal is to set up standard procedures towards security risk mitigations, document them and drive its implementation and maintenance.
Online Support offers end-to-end issue management in a Digital Logbook, faster support request handling and troubleshooting guides for self-fixing, all seamlessly integrated in one place.
The solution is connected with Dialog, Rexis (Salesforce) via Mulesoft API and based on AWS infrastructure.
The application is used by laboratories, which have Cobas devices. Currently we have 3,000+ users, and scaling to 10,000. Application is available both for desktop and mobile (iOS and Android).
As an experienced IT expert you will be responsible for performing advanced penetration testing in both white and black box as well as design and enhance security measures. From the candidate we expect extensive technical knowledge in Burp, Checkmarx and Metasploit. In addition to the technical knowledge the role involves direct interactions with solution owners for explaining identified vulnerabilities and advising on the mitigation controls. You will be involved in shaping our security strategy and maintain, promote, and sustain expert technical knowledge.
Experience and Skills:
- University Diploma in Computer Science, Computer Engineering, Mathematical Engineering, Information Systems or related field;
- Minimum 5 years of experience in IT Security;
- Specialty in one or more of the following Information Security domains: Cyber Intelligence Analysis, Computer Forensics, Application Security, Penetration Testing, Vulnerability Scanning & Management;
- Hands-on experience with Gitlab/Sonarcube, including but not limited to code and report analysis
- Knowledge and experience in secure coding practices;
- Both offensive and defensive programming skills;
- Cyber security certificates such as CISSP, CEH, GCIA, OSCP or CSSLP Certification;
- Professional and team-oriented approach to work, strong sense of responsibility, ability to efficiently distribute tasks, monitor and drive them to accomplishment, assess and manage risks, present results of work, propose solutions at various levels of organization, communicate with business partners expressing recommendations and highlighting risks;
- Helps the organization to define, maintain and improve IT processes and standards, constantly develops and expands own expertise by acquiring new technical and business knowledge and following emerging IT trends and market solutions;
- Advanced level of spoken and written English is a must as well as the will to work in the multicultural, international virtual team;
- Experience in creating documentation on development/coding processes towards security risks mitigation
- Fluent English (C1/C2 level).