Software Pentester

5 dni temu

Tarnow Metropolitan Area, Polska ETAP Software Pełny etat 60 000 zł - 120 000 zł rocznie

ETAP empowers customers to make informed decisions throughout the life cycle of their projects with innovative software solutions for electrical systems. By applying ETAP solutions, customers experience continuous intelligence during design and engineering and into operations and maintenance using a unified electrical digital twin platform. ETAP supports customers in their digital transformation and sustainable energy transitions for a green and smart future, helping them to prioritize safety, maximize reliability, and stay resilient.
ETAP's expertise has emerged from more than 35 years of global experience, and more recently in 2023 by expanding into new integrated offerings with IGE, a leading electrical engineering software company renowned for its SEE software portfolio for the creation, maintenance, and calculation of electrical installation projects.
Our employees' passion for excellence, innovation, and customer satisfaction is our most-prized resource. If you share that passion — and want to be part of a company that leads the energy transition towards a cleaner and more resilient world for future generations — we invite you to join us
ETAP is committed to creating a diverse work environment and is proud to be an Equal Opportunity Employer.
Job Title:
Software Pentester

Location:
Krakow/ Tarnow, Poland

Employment Type:
full-time

The job
Secure Software applications and infrastructure from potential vulnerabilities and attacks. Drive product privacy and cybersecurity features and enhancements. Ability to work in a fast-paced, rapidly changing, Agile, competitive environment.

Key Responsibilities

  • Assess architectures and designs for security vulnerabilities and suggest and implement proper alternatives
  • Oversee the management and remediation of identified security flaws within our development platforms
  • Build and maintain monitoring, auditing, and reporting frameworks that produces artifacts that support security and compliance needs
  • Drive vulnerability assessment and penetration testing (VAPT) activities for multiple R&D applications, implement DEVSECOPS across the product line
  • CI/CD integration of SAST and DAST platforms

Essential Requirements

  • A professional with a certain level of knowledge and at least 8 years of expertise in Software application pen testing
  • Knowledge of the DevSecOps framework, understanding on NIST, OWASP, MITRE, CWE etc
  • An understanding of programming languages such as C#, Perl, JavaScript, Python and/or PHP
  • Understanding of TCP/IP, common networking ports and protocols, OSI model
  • Knowledge of Threat modelling and risk assessment techniques
  • Up-to-date knowledge of cybersecurity threats, current best practices, and latest software.
  • An understanding of programs such as HP Fortify, Puppet, Chef, ThreatModeler, Checkmarx, Aqua. They may also need to know Kubernetes/ Docker. Security assessment tools (e.g. NESSUS, NMap, BurpSuite, ZAP, OWASP tools, Kali Linux tools, Fuzzing tools)
  • Significant knowledge of security best practices for client-server product architectures, focusing predominantly on cloud-based server development
  • Knowledge of one or more SSO methodologies (SAML, LDAP, OpenID)
  • Experience extracting pertinent security data from SIEM solutions and AWS audit, logs, and reports
  • The job demands to have deep product knowledge to ensure the clinical functionality, expected operating environment, and interoperability to accurately determine a product's privacy and security risks.
  • Education: Bachelor of Technology / Master of Technology in:
  • o Computer Science (CS)
  • o Information Technology (IT)
  • o Electrical Engineering (EE)
  • o Electronics and Communication (EC)
  • o Electronics and Instrumentation (EI)
  • Cybersecurity Certifications: CEH / OSCP - Preferred

ETAP requires all successful applicants to undergo and pass a comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third party personal data may involve additional background check criteria.
ETAP is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business.
Come and join ETAP to create the transformative technology that enables our customers to engineer a better world.