Security Engineer

Location: Gdansk

Job description


  • Application and network security testing – working with development team to manually test the application for security vulnerabilities, including use of automation tools such as BurpSuite. Review of source code with development team, including use of source code security tools.
  • Application vulnerability risk analysis – estimating vulnerability risk in context of specific application, environment and business scenarios. This will include writing and demonstrating vulnerability "proofs of concept" and explaining these to technical architects and business stakeholders.
  • Security Consulting – working with technical architects and developers on design of security-sensitive features; providing technical expertise to security related questions in design and development stage; assistance in development of automated testing suites to enforce security standards in newly written code.
  • Complies with all confidentiality and non-disclosure policies and/or agreements and ensures security of information at all times.

The ideal candidate has:

  • Demonstrated experience of testing current browser and web technologies – HTTP, HTML5, JavaScript, AJAX based web applications.
  • Comprehensive knowledge of web security features (e.g. CORS) and threats (e.g. XSS, CSRF).
  • Understanding of web application architectures, such as MVC, and infrastructure such as load balancers, web proxies etc.
  • Demonstrated experience reading and analysing web application source code in languages such as Java, PHP, ASP.NET.
  • Hands-on experience with application security testing tools such as BurpSuite, sqlmap and network security testing tools such as OpenVAS, nmap.
  • Demonstrated experience of security testing on Unix operating systems.
  • Strong written and verbal communication skills as well as presentation skills.
  • Excellent interpersonal, analytical, organisational, and problem-solving skills.
  • Ability to establish and maintain effective working relationships with project and respective team resources.
  • Proven ability to work independently with minimal supervision.
  • Certification is preferred in one of the following: CISSP / OWASP / CLAS.

What you get from Kainos:

  • Relocation package that covers flights, accommodation, and other relocation costs;
  • Private medical insurance at Medicover (possibility to take your family under it);
  • 1500 PLN per year to pay for your hobby courses (you can spend it on whatever you want, e.g. kitesurfing or Spanish language lessons);
  • Gym card Multisport (50% paid by company; possibility to take your family under it);
  • Integration and family parties: Summer BBQ, Kick Off, Pay Day Drinks, Christmas Party, St. Patrick’s Day, and many more;
  • Online training portal access — Pluralsight;
  • Career Coach taking care of your career progress in Kainos;
  • Conferences in Poland and abroad as a speaker or listener (you can prepare for your presentation within working hours);
  • 3000 Pounds for Refer-a-friend scheme;
  • Possibility to work from home up to 3 days per week;
  • Core hours (starting work between 8 and 10 AM);
  • 7.5-hour working day;
  • Fun rooms, Chill Out room and gym with showers in the office;
  • Soft skills training;
  • Easy access to the people on managerial levels, real influence on the company’s decisions;
  • Very stable employment in a company that cares about employees’ development.

You can also send us your CV to the address