Senior Security Engineer

Website Netguru

Custom software development

Overview

Hi! We are Netguru. We help entrepreneurs and innovators shape the world through beautiful software. We’re looking for people to join our team and build a culture based on trust, taking ownership, and transparency. Introducing innovative solutions and improving our internal processes are the foundation for our development and achievements.

As a Certified B Corporation®, we offer a safe, inclusive and productive environment for all team members. We respect and want to build on our diversity. We are open for workplace adaptations.

We also help team members develop their skills through internal learning opportunities, R&D projects, and personal growth budgets. Our efforts bring results: Netguru ranks as one of the most desired IT employers, alongside Facebook, SpaceX, and Netflix.

We have built an outstanding organisational culture based on transparency, team spirit, regular feedback, and continuous learning. Currently, we’re on the lookout for a passionate Senior Security Engineer who could join our team. If you have the talent and skills it takes, apply NOW!

Responsibilities

  • Working in a team with strong security expertise,
  • Working on interesting projects using the best technologies available on the market,
  • Ability to make an impact on the technological stack of Netguru and its clients,
  • Working in an experienced and knowledgeable team, in an Agile environment,
  • Dev-friendly processes like Continuous Integration and Code Review,
  • Constant development of your hard and soft skills (e.g. at internal Webinars, external conferences, meetups, etc.),
  • Growing yourself and people around you – you will give and receive regular feedback in a team of open-minded people that will always have your back,
  • Ambitious and verified projects- our clients come from all over the world and from different industries,
  • A clear and fast-paced career path based on clearly defined goals – you will frequently meet with your leader who will help you make full use of your potential,
  • Enjoying flextime and flexplace: adjust your daily schedule to your individual needs, work from the office or from home,
  • Working on the best equipment – we will provide you with a Macbook and additional accessories for your computer to make your work even more efficient and comfortable,
  • Having a smooth start: your leader and mentor will support you along the way 🙂

Requirements

  • Implementing, developing, and maintaining monitoring and security support tools (i.e. vulnerability scanners, SAST, DAST, Web Application Firewall, Anti-DDoS IDS/IPS, etc.).
  • Support of project teams in implementing the best security practices in the design, development, and maintenance of web and mobile applications.
  • Consulting for commercial clients.
  • Performing security incident analysis, response, and remediation.
  • Conducting security audits of web and mobile applications and systems.
  • Educating other members of the team.
  • Continuously improving the security of the company.

Must-haves:

  • Good knowledge of cloud infrastructure and security best practices in that environment.
  • Knowledge of best practices and standards in the field of software development (Software Development Life Cycle – SDLC) with particular emphasis on the principles of secure software development (i.e. OWASP ASVS, MASVS, Secure Coding Practices, etc.).
  • Experience in working with tools such as WAF, VPN, SAST and DAST, vulnerability scanners, patch-level verifiers, etc.
  • Experience in Linux administration, Docker, and cloud solutions like AWS or GCP.
  • Knowledge of issues in the field of penetration testing (vulnerability analysis, pentesting tools).
  • Skills to analyze attacks on web technologies and identify their occurrences by analyzing events from servers and applications.
  • Ability to conduct risk analysis and threat modeling based on known types of vulnerabilities and attacks on web and mobile applications.
  • Good command of written and spoken English (at least B2 +).

Nice-to-haves:

Technical security certifications.

  • Very good knowledge of the CI/CD process and automation combined with its security assessment.
  • Experience in pentesting.
  • Participation in Bug Bounty or CTF programs.
  • Good knowledge of containerization (Docker) and container orchestration (Kubernetes) with an emphasis on security.
  • Thought leadership artifacts (speeches made at meetups, conferences).
  • Practical knowledge of documents defining security requirements such as GDPR, ISO 27001, HIPAA, PCI-DSS, PSD/PSD2.
  • Experience as Security/DevOps/SysOps architect or in a position closely related to web application security.

Benefits

  • Generous private health insurance package with dental care.
  • Optional life insurance for you and your family.
  • A growth budget for your educational plan.
  • Masterbenefit: discounts on car leasing.
  • Discounts on Apple products.
  • Various internal initiatives: webinars, knowledge sharing sessions, internal conferences.

To apply for this job please visit www.netguru.com.