Company Description
SmartRecruiters is building an operating system for recruiting and is on a mission to connect people with jobs at scale. The company is growing quickly and recently hit the 1.5 billion dollar valuation. The system is used by over 4,000 companies, including LinkedIn, McDonald’s, VISA, CD Projekt Red, Allegro , and many many more!
Our engineering team solves one of the most important problems of the modern economy – connecting great people with great jobs. We believe this problem can only be solved with technology, and we developed a software platform that has supported over 100M job seekers to date (with 5M joining every month).
We are currently looking for a Cybersecurity Specialist to join our Information Security and Internal IT team. Our team’s mission is to find the best way to secure the IT infrastructure and web application environment. As a member of the InfoSec team, you will be responsible for threat modeling, design reviews, and penetration testing of web applications to identify vulnerabilities and security defects as well as providing Information Security consulting and recommendations, ensuring the implementation of approved security requirements. If that excites you, then we can’t wait to connect!
You can work remotely from any city in Poland or join our Kraków office.
What you’ll deliver:
- Being responsible for testing security-by-design into Software Development Lifecycle process, networks, and data centers
- Reviewing current system security measures and recommending and implementing enhancements, and when needed – conducting immediate actions and post-event analyses
- Finding and addressing vulnerabilities and risks in infrastructure and software
- Testing application against OWASP Top 10 – which means conducting regular system tests and ensuring continuous monitoring of our ATS security
- Constantly monitoring for attacks and intrusions and managing incidents and vulnerability tests
- Conducting breach of security drills
- Cooperate with IDM Specialists and Security Architects to ensure a proper level of security
Qualifications:
- While not strictly required we see most of our Senior Engineers have 5+ years of professional experience
- A degree in Information Technology, Computer Science, or equivalent work experience
- Extensive knowledge of security technologies, threats, vulnerabilities, and penetration tests
- Extensive experience in Information Security and/or IT Risk Management with a focus on security, performance and reliability
- Solid understanding of security protocols, cryptography, authentication, authorization, and security
- Good working knowledge of current IT risks and experience in implementing security solutions
- Ability to interact with a broad cross-section of personnel to explain and enforce security measures
- Excellent written and verbal communication skills
- Nice to have: CISSP (Certified Information Systems Security Professional), Security+, Network+, The Certified Ethical Hacker (CEH), Licensed Penetration Tester (LPT) certifications
- Nice to have: Experience with cloud-based environments/applications
Benefits (Permanent):
- We support 100% remote work with Wi-Fi reimbursement and an additional stipend for the equipment (we provide the MacBook laptop)
- Unlimited vacation days (yes – it’s really unlimited)
- Private Medical Care for you and your dependents (Luxmed)
- Company equity plan
- Wellness Programme (Multisport Card and even more)
- 26 fully paid vacation days during each calendar year, company equity plan, and MacBook Pro (B2B)
Additional information
SmartRecruiters is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based on race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
SDLC Information technology (IT) Computer Science Applicant Tracking Systems (ATS) Cybersecurity OWASP Certified Ethical Hacker (CEH) Information security Certified Information Systems Security Professional (CISSP)