Unia Europejska
See all open positions

DevSecOps Enchanter

Wrocław, Warszawa

Your daily tasks:

  • designing and implementing secure software development life cycle solutions based on various tools,
  • providing advisory to different groups (Technology, Developers, IT, internal stakeholders of any kind),
  • participating in execution of training program for different teams,
  • defining secure software development life cycle for large projects and teams,
  • defining applications security architecture elements,
  • defining documentation of security requirements for our applications and games,
  • assisting with KPIs and KRIs related to security in applications,
  • working with management on defining roadmaps, needs and provide short and mid-term forecasting,
  • collaborating with internal stakeholders to define best approach to maximize the security posture,
  • documenting and standardizing testing methodologies and tool sets,
  • constantly identifying areas for improvement and driving all changes that are required.

You meet our expectations if you have:

  • experience in the Application Development/DevOps (at least 4 years),
  • experience in Application Security Testing (at least 2 years),
  • BSc in Computer Science, Math or Physics,
  • working knowledge of SAST, DAST, IAST and RASP methodologies,
  • experience in management and definition of security in the software development lifecycle (SDLC),
  • working knowledge of waterfall, agile and primarily DevOps development methodologies,
  • experience in software development and SDLC,
  • familiarity with one or more languages (Java, Javascript, C++, C#, Python, Perl),
  • experience with automation in testing or orchestration Selenium, Maven, Ant, Msbuild, Npm, Yarn, Jenkins, etc.
  • knowledge of conducting security checks (static and dynamic code analysis, vulnerability analysis in applications and penetration tests, security component analysis),
  • understanding of virtualization and container technologies (Docker, Kubernetes, OpenShift, etc.)
  • working knowledge of vulnerability scanners (Nessus, Qualys, Acunetix etc.),
  • well versed with TCP/IP stack and network protocols,
  • certification like OSCP, CRT, CISSP or even CEH would be a plus, 
  • outstanding ability for logical and creative thinking,
  • excellent organization and time management skills,
  • excellent interpersonal and communication skills,
  • very good command of English,

Nice to have:

  • ability to work alone and bring results,
  • abnormal sense of humour.
Apply now

Please enter your date of birth