Dodaj ogłoszenie Zaloguj się

Security Engineer

Teamquest Toruń
Dla naszego Klienta, który stworzył innowacyjną platformę dedykowaną dla branży e-commerce, obejmującą obszary realizacji, transportu czy magazynowania zarówno dla handlu elektronicznego jak i detalicznego, zapewniając pełną kontrolę logistyczną. Dzięki unikalności produktu dedykowanego dla tak rozwojowego obszaru, firma niezmiennie poszerza obszar obsługiwanych Klientów, w tej chwili wchodząc już na rynki międzynarodowe. W związku z ciągłym rozwojem naszego Klienta poszukujemy osoby która dołączy do zespołu.


Requirements:

  • Deep knowledge of security issues specific to web services and web applications
  • Practical knowledge of Linux and its security features (privilege separation and permission model, SELinux, identity management)
  • Understanding of common IT security issues both from a technical and business perspective
  • Completion of OWASP training (or equivalent knowledge)
  • Proficiency in at least one programming language
  • Thorough understanding of IP networking stack (both IPv6 and IPv4), common application protocols (SSH, HTTP, DNS, SMTP, LDAP, Kerberos, etc.), and tunneling/VPN protocols (IPsec, OpenVPN)
  • Understanding of PKI, X.509 and TLS
  • Ability to quickly learn and adapt to new technologies
  • Tech stack:
    • PHP 7-8.1, Symfony, MySQL, MongoDB, Redis, Keycloak, Elasticsearch, PHPUnit, Behat


Additional advantages:

  • Knowledge of PHP and JavaScript
  • Experience with cloud environment and its specific security issues
  • Familiarity with ISO 27001
  • Participation in CTF events
  • Running Linux on a personal workstation
  • Having personal open-source projects


We offer:

  • Innovative environment delivering SaaS software used by fast-growing e-commerce/logistics industry
  • A highly motivated team with a strong focus on personal growth and open communication
  • The opportunity to work cross-functionally and closely with senior leadership
  • Competitive salary
  • The ability to choose the work model (office, hybrid, remotely) according to your needs


Responsibilities:

  • Performing internal audits of infrastructure and code (taking part in code reviews of critical system parts)
  • Performing internal pen testing
  • Working with DevOps engineers and the rest of Infrastructure Team to ensure an appropriate level of security across the whole infrastructure
  • Guiding development teams towards Secure Software Development Lifecycle
  • Taking part in design and implementation of company security policy
  • Working with QA Engineers to ensure security testing is conducted correctly
  • Coordinating with external providers of security-related services
  • Verifying security aspects of new projects and integrations with partners
  • Ensuring new projects are compliant with company security policy and GDPR
  • Taking a leading role in the internal security response team (assess discovered vulnerabilities, prepare a response for clients, etc.)

We kindly inform you that we will only respond to selected applications.

TeamQuest has been added to the register of entities conducting employment agencies by the Marshal of the Mazowieckie Voivodship under the number 11118.

IT - AdministracjaIT - Rozwój oprogramowania