Head Application Security Expert
T-Mobile Polska S.A.
Athens, Greece
πριν από 1 μέρα
source : Just Join IT

OWASP (advanced)

JavaScript (advanced)

Java (advanced)

Type of contract : Every type of contract

Location : Warsaw (fully remote)

What will you do?

  • Identify opportunities to automate and standardize application security controls and cooperate with the CICD team
  • Analyze source code to mitigate identified weaknesses and vulnerabilities
  • Create guidelines and application security standards
  • Review and check automated security testing results
  • Perform software architecture design reviews for both on-prem and cloud deployments
  • Work with engineering teams to help architect and implement solutions that are secure by design
  • Define, document, and supervise implementation of security guidelines and standards
  • Build frameworks and libraries to provide security by default
  • What do you bring?

  • 4+ years of full-time commercial application security experience
  • 4+ years of experience in software development, ideally Java & JavaScript in cloud environment
  • Experience in architecting and building application security on modern tech stacks across multiple platforms (web, mobile, desktop)
  • Prior experience in performing threat modelling and secure design reviews
  • Familiarity with cloud services and their security best practices and secure design patterns - AWS especially
  • Kubernetes and containerization security know-how
  • Knowledge of common appsec vulnerabilities like OWASP Top 10 and cloud security gaps
  • Knowledge of standards like OWASP Testing Guide, OWASP ASVS, NIST and SANS top 20
  • Proficiency in modern and common web stack technologies (HTTP, HTML5, AJAX, REST, ...)
  • Understanding of basic cryptography (encryption, hashing, MACs, digital signatures, TLS, password storage) and how they are applied in web applications
  • Knowledge of protocols (OAuth, SAML, OIDC), flows and best practices
  • At least basic know-how in networks
  • Nice to have

  • Application Security related certificates
  • Cloud (Security) related certificates
  • Αναφορά αυτής της εργασίας

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Το e-mail μου
    Πατώντας στο κουμπί «Συνέχεια », δίνω στο neuvoo τη συγκατάθεση μου να καταχωρήσει τα δεδομένα μου και να μου στέλνει ειδοποιήσεις μέσω email, όπως αναφέρεται λεπτομερώς στην πολιτική προστασίας προσωπικών δεδομένων του neuvoo. Μπορείτε ανά πάσα στιγμή να αποσύρετε τη συγκατάθεση σας ή να διαγραφθείτε οποιαδήποτε στιγμή.
    Φόρμα αίτησης