Security Engineer

  • Full-time

Company Description

Over 150 industry leaders such as Verizon, Merck, Coca-Cola Enterprises, Heineken, Johnson & Johnson, Renault-Nissan, ING Bank, and Nokia use EcoVadis to reduce risk, drive innovation and foster transparency and trust among over 30,000 trading partners.

We are building a full blown product; a technology platform; a revolutionary solution for Cybersecurity ratings from the ground up. We're a small team, growing quickly, and moving at extreme speed. Great technology is at the heart of everything we do, so we're looking for engineers who are as passionate about revolutionizing CyberSecurity as they are about elegant engineering solutions.

We are looking for crafts(wo)men with strong autonomy to propose, participate and lead the evolution of our engineering culture and technical stack. We value strong technical skills, experience, and a desire to innovate in technology. Public code contributions will speak in your favor.

We're all about open communication, transparency, and a passion for building a product with excellence - we'll trust you to match that passion. We want to see a desire to always self-improve and continuously learn. Participation in meetups, conferences, and side projects will be a great indication of that.

Strong initiative takers will fit right in—people who continuously think and propose ways to improve the team both technically and operationally.

Job Description

You will take on the responsibility of attacking our application and infrastructure to expose vulnerabilities.

This will include:

  • Conduct vulnerability, compliance and in-depth penetration testing and reverse engineering on applications, networks, systems, and cloud infrastructure

  • Demonstrate an ability to methodically analyze problems, identify solutions and remain composed in potentially stressful situations

  • Analyze, disassemble, and reverse engineer code / executables to discern weaknesses for exploitation; document and transition results in reports, presentations and technical exchanges

  • Develop attack plans to meet the specified objectives

  • Understand and be proficient in common cyber threat terminology, methodologies, possess basic understanding of cyber incident and response, and related current events

  • Make suggestions for security improvements

  • Automate & integrate penetration tests where possible

All of which will be in collaboration with the rest of the Engineering team.

Qualifications

You will have a passion for technology and for getting things done well, including a track record of problem solving and penetration testing.

You will also have:

  • A University degree in computer science or related field

  • 2+ years of experience in a similar role in the software or internet service industry

  • A passion for finding security deficiencies in applications, networks or people/processes

  • An in-depth technical knowledge of security engineering, computer and network security, authentication and security protocols and applied cryptography

  • Knowledge of software exploitation (web, client-server and mobile) on the modern operation systems. Familiarization with XSS, injection flaws, filter bypassing, etc.

  • Hands-on experience performing security assessments that involve manual and automated testing, analysis, and exploitation utilizing tools such as Metasploit, Burp Suite, Kali Linux, Wireshark, Nmap, Nessus, AppScan, Fortify, etc.

  • Familiarity with common reconnaissance, exploitation, and post exploitation frameworks

  • A working knowledge of application security assessment and applicable review methodologies, e.g., OWASP

  • Fluency in English

Additional Information

Beginning: ASAP

Full time position

Location: Warsaw, Poland - Rondo ONZ, Spektrum Tower

In return for your expertise and energy, we offer:

  • challenge, opportunities to exchange skills within multinational team,
  • ability to work in an autonomous way and in an environment where your ideas are valued,
  • interesting trainings (including those in our foreign offices),
  • health care,
  • Multisport card,
  • French classes during working hours,
  • flexi-time & home-office,
  • competitive salary aligned with experience,
  • casual and very friendly environment,
  • possibility to work in other EV location.


To find out more about EcoVadis please visit our site at www.ecovadis.com.

EcoVadis is a diverse organisation and does not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, disability, veteran status or any other protected category.


Privacy Policy