CODE 12042022/3

Είστε εδώ

JUNIOR APPLICATION SECURITY ENGINEER | NETCOMPANY-INTRASOFT

We are looking for a Junior Application Security Engineer for our offices in Athens. A day in the life of a Junior Application Security Engineer. As a Junior Application Security Engineer will be part of the Information Security Department, participate in the design, implementation, operation, and monitoring of the Secure Software Development Lifecycle roadmap of Netcompany-Intrasoft according to the business strategy and selected information security standards and best practices, support application of security by design principles across Netcompany-Intrasoft products and software development services, and enhance security assurance levels related to application security through DevSecOps culture and automation.

Your team main duties are:

Performing manual secure code review to identify and report security issues and weaknesses
Reviewing output from automated application security testing (e.g., SAST, DAST, SCA) and perform triage activities to assess relevancy of discovered vulnerabilities and rate their security impact
Performing research and investigation to propose solutions in mitigating security vulnerabilities, at the application and code level, discovered by manual and automated security testing assessments
Performing scoped manual security verification assessments with specialized tools (e.g., Burp, ZAP Proxy, Postman and other) and prepare reports describing issues towards development teams
Reviewing software architecture and design documentation to determine security threats, risks, and develop test-cases for manual security testing assessments
Participating and contributing to application security training activities and workshops
Giving presentations on technical security topics towards internal development teams
Supporting the implementation, configuration, and continuous tuning of scanning policies in DevSecOps tooling (e.g., SAST, DAST, CA)
Supporting the automation of task execution related to DevSecOps tooling by developing scripts

By joining Netcompany - Intrasoft, a leading IT company, you will be part of a hub of 1.700+ tech enthusiasts in Greece. You will work using cutting-edge technologies that contribute to the design and delivery of solutions and products for challenging, large-scale IT projects, that affect the lives of millions of citizens around the globe.

If you have

Bachelor Degree in Computer Science or Computer Engineering field;
Master Degree in Information Security field or have some practical experience of 1 or more years in Information Security domain;
Ability to understand workflows written in programming languages such as Java, C#, JavaScript and/or Python;
Experience with OWASP Top 10 risks and CWE Top 25 vulnerabilities and discovering these vulnerabilities in assessment targets;
Knowledge in at least one of the following domains: HTML, CSS, URLs, DOM, Browser/Server Communication, Web Servers;
Knowledge in at least one of the following domains: Operating System Internals, Cloud Architecture, Container technology, Networking, Cryptography, Authentication mechanisms, Authorization controls, Input validation or DevSecOps;
Knowledge of exploitation techniques related to at least three of the following vulnerabilities: XSS, SQLi, IDOR, SSRF, CSRF, HTTP Header Smuggling;
Knowledge of security verification tools such as Burp Suite, ZAP, SonarQube;
Knowledge of risk measurement frameworks (e.g., CVSS, CWSS);
Excellent command of the English language.

…then this position is suitable for you!

It would also be a plus if you had

Any of the following qualifications will also be considered a great additional asset.

Any Application Security certification, (e.g. CASE, CSSLP, CASS, CSP, GIAC Certified Web Application Defender).
Any Information Security related certification, (e.g. CISSP, CEH, ISACA’s CSX, Microsoft AZURE Security Associate, AWS Certified Security Specialty).
Any other Application Security Micro-Learning certification, (e.g., Burp Suite Certified Practitioner, Online Course Completion certifications by Udemy, HackTheBox, etc.)
1 year or more of hands-on experience in Information and Technology security domains.
1 year or more of hands-on experience in Software Development.

This position comes with

Competitive compensation packages.
Continuous learning (with the most modern methods - unlimited access to Udemy for Business), and fast career growth.
Interesting and challenging tasks within large-scale projects.
An international dynamic within a fast-paced working environment.
The opportunity to work in a diverse environment with talented colleagues.

TERMS OF EMPLOYMENT

Full time, 1 position.

Χώρα Απασχόλησης:

Εσωτερικό

CODE 12042022/3

Είστε εδώ

JUNIOR APPLICATION SECURITY ENGINEER | NETCOMPANY-INTRASOFT

Your team main duties are:

If you have

This position comes with

TERMS OF EMPLOYMENT

Υπηρεσίες προς φοιτητές

Υπηρεσίες για εργοδότες/εταιρίες

Δομή Απασχόλησης & Σταδιοδρομίας

Επικοινωνία

Ανακοινώσεις / Προκηρύξεις

Sitemap

Online παρουσία