Our client is a global leader in the media sector, serving passionate fans around the world with content that inspires, informs and entertains. They delivers over 8,000 hours of original programming each year across deeply loved content genres.
The world is changing all around us. To continue to grow as a business over the next years we must look ahead, understand the changing trends and be prepared for that what's to come. We must get ready for tomorrow today. Join us to be part of the adventure. Client inspires people to be the best they can.
Currently in Poland we are looking for passionate people with various backgrounds to join our team in the fields of FP&A Centre of Excellence, Global Business Services, HR Services and Media Business.
- 3+ years of product/application security work experience.
- Knowledge of common security principles for web application architectures.
- Experience in code reviews, business logic assessment, and application security testing.
- Solid understanding of security protocols, cryptography, authentication, authorization and security.
- Broad knowledge of Security technologies, process, and techniques and a strong understanding of application security leading practices including OWASP and CWE.
- Hands on experience working with DevOps and Agile driven product teams.
- Familiar with application security tools like BurpSuite Pro, SAST, DAST, nmap, Metasploit, and Kali Linux.
- Knowledge of practical threat modeling for consumer applications.
- Excellent communication and presentation abilities with great attention to detail.
- Demonstrated ability to explain risks and vulnerabilities to both technical and non-technical audiences.
- Languages: Fluent English and Polish.
- Bachelor's degree in IT, Computer Science or Information Security preferred.
- Knowledge of cloud security principles.
- Experience in application/tool development with at least one modern programming language.
- Employment based on employment contract
- Opportunities for professional development for expert positions
- Experience in an international company
- Run, maintain, and utilize security tools for the Appsec program, e.g., static and dynamic code analysis tools.
- Create and run secure code assessments with various application and services engineering teams.
- Perform manual and automated penetration tests and retests of web and mobile applications.
- Review technical architecture and delivery for Web and other Client Delivery Platforms.
- Review current system security measures and recommend or implement enhancements.
- Review and contribute to application designs and solutions.
- Review developers codes, provide feedback and perform security assessments for consumer-facing applications, services and future technology.
- Triage risk of identified vulnerabilities and findings.
- Work with external penetration testers, oversee ongoing pentests and exercises, work with application engineering teams on remediation of found vulnerabilities.
- Participate (as a subject matter expert) in information security operations duties, including occasional incident response escalations.
- Evaluate, deploy and support application security technologies, processes and workflows on multiple platforms (Server, Client, Mobile, Tablet, etc.).
- Identify and define application security requirements and security baselines.
- Work collaboratively and proactively across the organization (e.g., Technical Architects, Engineering Leads, Product managers, etc.) to support and remediate security gaps.