- 3+ years of professional experience with web and mobile application security, and at least 1 year of ethical hacker/pentester experience.
- Strong knowledge of web and mobile security fundamentals.
- Solid knowledge of testing methodologies (OWASP WSTG/MSTG or similar application security methodologies).
- Strong understanding of the most critical security risks to web applications(OWASP Top 10).
- Solid knowledge of the various vulnerability types, their root cause, exploitation techniques and mitigation patterns.
- Hands-on experience in web vulnerabilities finding and exploitation.
- Hands-on experience in application security testing software and common penetration testing tools (Kali Linux, Burp Suite, Metasploit, Nmap (NSE), Acunetix, etc.).
- Knowledge of IT technologies (network protocols, Web, clouds, operating systems, database systems).
- Basic knowledge of one or more multiplatform scripting languages (eg. Python).
- Experience in software development practices and methodologies (SDLC).
- Programming/development experience.
- Knowledge of pipeline and CI/CD principles. Embed security across the CI/CD roadmap (SSDLC).
- Understanding and hands on experience in cloud security (AWS/Azure).
- Experience in threat modeling activities.
- Bug bounty experience.
- Awareness of privacy and security regulations and compliance frameworks.
- Relevant certifications such as OSCP, CEH, CompTIA PenTest+, etc.
- Competitive compensation packages.
- Stable employment, based on a full-time employment contract.
- Private health insurance (Medicover Сlinic).
- AYCM sport pass, providing discounts at various sports facilities in Hungary.
- Interesting tasks and diverse opportunities for developing your skills.
- Free training courses.
- Participation in internal and external thematic events, technical conferences.
- A spacious office in the heart of Budapest (13th district).
- All necessary devices and tools for your work.
- Active corporate life.
WILL BE A PLUS:
NIX, a global supplier of software engineering and IT outsourcing services, is looking for an Application Security Engineer in its office in Budapest (Vaci Greens, 13th district). You’ll be part of a team of professionals who are ready to find the best tailor-made IT solutions for their multinational clients in various industries and solve complex problems.
WHAT CAN WE OFFER YOU:
If you feel you’re ready to join the team, apply for this job now! We’re already looking forward to meeting you!
,[Performs web and mobile applications vulnerability assessments and penetration testing activities., Effectively communicate and coordinate with engineers, leads and stakeholders to deliver quality and security to the product., Write client reports with your findings and recommendations using your top-notch English writing skills and exceptional attention to detail., Provides support to product owners in fixing vulnerabilities., Triage SAST and DAST scans findings., Participates in development of team processes., Train and educate developers and teams in secure coding techniques including use of supporting toolsets and enable them to self service., Continuously develops professional knowledge and skills.] Requirements: OWASP, Cloud security, SQL, Network Security, Azure, Linux, ISO 27001, Security, Cybersecurity, Penetration Tester, CI/CD, SSDLC, AWS/Azure, OSCP, CEH Additionally: International projects, Paid English courses, Mentoring program, Bike parking, Free coffee, Playroom, Shower, Free snacks, Modern office, No dress code.
application-security SDLC CI/CD Python Amazon Web Services (AWS) Azure nmap OWASP Certified Ethical Hacker (CEH) Ethical Hacking metasploit OffSec Certified Professional (OSCP) Burp Suite penetration-testing kali-linux