Senior Security Engineer

Netguru S.A.

Date listed

2 months ago

Employment Type

Contract

Remote

Yes

Found on:

WeWorkRemotely

Keywords: remote gcp fintech azure aws docker

We are looking for Senior Security Engineer to perform an audit in our client's company that includes:

risk assessment & threat modeling
consulting & architecture analysis
CI/CD pipeline hardening
extended security testing
cloud hardening

A Senior Security Engineer is delegated to complete the above-mentioned tasks, supporting the development team with tasks related to risk identification and mitigation.

It is an assignment for 4-8 man days / 8-16 man days with 50% engagement (4h/day).

Start date: 26.02.2024

Your responsibilities:

Consulting for commercial clients
Auditing and hardening of CI/CD pipelines and cloud-based infrastructures
Support for project teams in implementing the best security practices in the design, development, and maintenance of web and mobile applications
Conducting security audits, assessments, and pentests of web and mobile applications and cloud-based systems
Helping with implementation of security tools (i.e. vulnerability scanners, SAST, DAST etc.)
Performing security incident analysis, response, and remediation for cloud-based web applications
Upskilling other members of project teams

First, check if you have:

Hands-on experience in the area of web application security;
Ability to conduct risk analysis and threat modelling based on known types of vulnerabilities and attacks on web and mobile applications;
Knowledge of best practices and standards in the field of software development (Software Development Life Cycle - SDLC) of web applications with particular emphasis on the principles of secure software development (i.e. OWASP ASVS);
Knowledge and experience in cloud security and best practices in an AWS/Azure/GCP environment;
Knowledge of techniques in the field of penetration testing (reconnaissance, vulnerability analysis, pentesting tools, reporting);
Very good command of written and spoken English (B2 +).

It would be nice if you have:

Experience with Linux administration, Docker, and cloud solutions like AWS or Azure;
Experience working with tools such as SAST and DAST, vulnerability scanners, patch-level verifiers, etc.
Technical security certifications;
Good knowledge of the CI/CD process and automation combined with its security assessment;
Experience in pentesting;
Experience in security for mobile applications;
Practical knowledge of security requirements as defined in documents such as GDPR, ISO 27001, HIPAA, PCI-DSS, PSD/PSD2.

What's in it for you? Becoming a Netguru Freelancer means:

Flexibility: 100% remote work.
Professionality: dev-friendly processes, like Continuous Integration and Code Review, work in line with Agile methodology.
Diversity: projects from various industries like fintech, healthcare, insurance, or education.
Growth: work with a team of experts and continuous development of your hard and soft skills.
Knowledge: knowledge sharing sessions, internal knowledge base.