Skip navigation EPAM

Lead Security Testing Engineer Gdansk, Poland

Lead Security Testing Engineer Description

Job #: 53844
Striving for excellence is in our DNA. Since 1993, we have been helping the world’s leading companies imagine, design, engineer, and deliver software and digital experiences that change the world. We are more than just specialists, we are experts.

DESCRIPTION


We are looking for Lead Security Testing Engineer interested and capable of leading the local team of security testing engineers, coordinating activities with Global Security Competency Center. Besides leading skills, we expect you to have expert level in Web Applications security and advanced level in security of Mobile applications or Network security.

Lead position assumes advanced technical depth and experience, technical leadership, and multi-faceted communication skills. Scope and tasks may vary greatly. You may be involved in the full project security lifecycle from analysis and planning to development and deployment, as well as assisting with pre-sales opportunities, developing and delivering security related trainings.
You may be involved in the full project security development lifecycle enforcing SDL practices performed throughout project development, providing clarification of expectations and identify the actions required to accomplish the SDL.

You may be engaged to perform pentests or vulnerability assessments of target system(s) in lawful and legitimate manner acting like an insider (internal penetration test) or external user.
You’ll collaborate with Global Competency Center and coordinate effort of local colleagues being fully responsible for the results of the security assessment.

Responsibilities

  • Verify that the Core Team members have completed the right level of mandatory cybersecurity training
  • Identify all relevant cybersecurity regulations and standards for the markets being served
  • Create initial cybersecurity requirements and include in the Product Backlog
  • Define list of approved tools and associated security checks
  • Review secure coding rules
  • Define incremental security compliance goals
  • Develop Initial cybersecurity test strategy
  • Perform attack surface analysis review
  • Implement and continuously update cybersecurity requirements from the Product Backlog
  • Produce user documentation for cybersecurity features
  • Perform robustness and fuzz testing
  • Perform vulnerability assessments
  • Conduct penetration testing
  • Run network security testing
  • Perform review of all security testing defects and address them to project team
  • Force fix of security defects
  • Conduct a Final Security Review (FSR) to ensure completion of all SDL elements
  • Finalize security user documentation
  • Develop and present proposals to prospective clients

Requirements

  • No less than 5 year of proven practical experience in application or infrastructure security testing
  • Certification in security field
  • Understanding and practical experience in different security testing methodologies (OSSTM, OWASP, PTES)
  • Ability to develop, implement and guide security assessments’ process on the project
  • Experience in definition of cybersecurity requirements and processes
  • Ability to select, educate and communicate the right solution based on client requirements and objectives
  • Ability to explain assessment results to technical and non-technical personnel
  • Experience in development of security-related documentation
  • Experience in security assessments of Web Services (SOAP, RESTful)
  • Experience in security assessments of Web Applications
  • Experience in security assessments of Mobile applications (iOS, Android, Windows Mobile)
  • Experience in assessments of network security

Nice to have

  • Experience in security architecture and design reviews
  • Experience in threat modeling
  • Experience in SAST (static code analysis, manual code reviews)
  • Experience in management/coordination of security team
  • Experience in project management
  • Experience in vulnerability management programs
  • Experience in pre-sale activities

We offer

  • Vast opportunities for self-development: online courses and library, experience exchange with colleagues around the world, partial grant of certification
  • English language classes
  • Polish language classes for Foreigners
  • Career development center
  • Unlimited access to LinkedIn learning solutions
  • Possibility to relocate for short and long-term projects (ex. to USA or Switzerland)
  • Benefit package (private insurance, health care, multisport, lunch tickets, and shopping vouchers, etc.)
  • Possibility to be involved in an international project
  • Remote work options
  • Relocation package for foreign applicants as well as for people relocating within Poland
  • Please note that only selected candidates will be contacted
Learn more about EPAM in Poland

Equal Employment Opportunity

EPAM Systems, Inc. is an equal opportunity employer.  We recognize the value of diversity and inclusion in creating success for our customers, business partners, shareholders, employees and communities. We are committed to recruiting, hiring, developing and promoting employees without discrimination. As a global employer, this commitment includes complying with all laws in the countries in which we operate. Nevertheless, we believe equal employment practices should not be limited to what the law requires. Equal opportunity and inclusion are essential to motivate, empower and recognize the best in everyone.

At EPAM, employment actions are based on individual qualifications, without regard to race, color, religion, creed, gender, pregnancy status, sexual orientation, gender identity, gender expression, marital or familial status, national origin, ancestry, genetics, age, disability status, veteran status, citizenship status when otherwise legally able to work, or any other characteristic protected by law.

Pay Transparency Non-Discrimination Provision

EPAM will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)

Affirmative Action Obligations as a U.S. Government Federal Contractor

As a U.S. federal government contractor, EPAM is committed to meet its affirmative action obligations to make good faith efforts to expand the recruiting pool of women, minorities, individuals with disabilities, and protected veterans through outreach, targeted recruitment, training opportunities and other activities. We affirm this commitment annually in EPAM’s Affirmative Action Plans. The full text of our Affirmative Action Plan for Persons with a Disability and Protected Veterans is available for inspection in the People Operations Department during normal business hours. Email the People Operations Department to schedule an appointment.

Accessibility for Applicants with Disabilities

EPAM is committed to working with and providing reasonable accommodation to individuals with disabilities. If you require an accommodation at any stage of the employment application process, please send an email to the People Operations Department including your name, a detailed description of your requested accommodation, and the best method to contact you. If you have already reviewed a job posting or submitted an application for a job, please include the requisition number. We will assist you and make a determination on your accommodation request on a case-by-case basis.

EEO is the Law. Applicants to and employees of EPAM Systems Inc., are protected under Federal law from discrimination.

EPAM Systems, Inc. participates in eVerify.

在亿磐成长

周剑
解决方案架构师
苏州

张馨予
项目经理
深圳

林嘉樑
软件工程师
深圳

朱晓华
资深软件测试工程师
苏州

金秋
资深软件工程师
苏州

我们在世界其他地方。。。