Miejsca pracy
>
Kraków

    Senior Test Penetration Engineer - Kraków, Polska - Guidewire

    Guidewire
    Guidewire Kraków, Polska

    1 tydzień temu

    Default job background
    W pełnym wymiarze godzin
    Opis

    Guidewire PSIRT (Product Security Incident Response Team) is responsible for:

  • Guidewire product vulnerability management process for all Guidewire applications.
  • Coordination of customer/external product security incidents and reported security issues affecting various Guidewire products and applications.
  • Working cross-functionally with all business units, sustaining engineers, product security team members, customer support, legal and external security researchers to ensure timely resolution of security incidents and events.
  • Development, maintenance and continuous improvement of the product security incident monitoring, detection and response tools and process, including all required supporting materials.
  • Pen testing Guidewire applications to ensure timely discovery of the vulnerabilities.
  • Security Review and Code Review of Guidewire applications

    • We are looking for a new team member who will be responsible to perform following activities (but not limited to):

  • Ensure proper execution of PSIRT Process - triage security related issues (external / internal), verify those on different versions, products.
  • Perform root cause analysis to ensure validity of reported issues.
  • Triage code defect based issues, quantitatively evaluate risk and provide guidance to engineering teams regarding the impact of security issues using industry standard metrics such as CVSS.
  • Work closely with project management, product management, engineering and sustaining teams to drive issues to closure.
  • Cultivate strong working relationships with external researchers, reporting organizations and customers to ensure effective collaboration. Work with customer facing and internal teams to continually improve processes used to identify and fix product security issues
  • Enhance existing product security incident response program
  • Coordinate with internal product development teams in accomplishing regular security reviews and penetration testing assessments.
  • Execute the penetration tests internally to identify critical vulnerabilities.
  • Perform security-focused code reviews
  • Support the preparation of security releases.
  • Develop security tooling and automation
  • Assist teams in reproducing, triaging, and addressing application security vulnerabilities.
  • Validate findings from security scanning tools and ideate data-driven enhancement strategies for dynamic (DAST), static (SAST), open-source application security testing (SCA) and container security scanning including troubleshooting, and continuous process improvement

    • Requirements

  • Bachelor's/master's in computer science or equivalent
  • Industry related certifications are preferred (E.g. CSSLP, CISSP, GIAC, OSCP, etc.)
  • Minimum 7-10 years of relevant Application Security Experience
  • At least 2-5 years of experience with Penetration testing
  • Solid understanding of OWASP Top 10, common classes of product security vulnerabilities and attack/defense methodologies.
  • Strong written and verbal communications skills
  • Proven ability to build relationships and influence individuals at all levels, as well as external security researchers, vendors and service providers
  • Experience with various application security tools - Static code analysis, dynamic code analysis, vulnerability scanning, pen testing
  • AWS/Cloud Experience a strong plus
  • Bug bounty program participation a plus
  • Knowledge of the security research community is a strong plus
  • Scripting skills (i.e. Python/Perl/Ruby, shell scripting) or development experience (Java/C++/Python) is a significant plus
  • Guidewire

    Staff Test Penetration Engineer

    1 tydzień temu

    Guidewire Kraków, Polska W pełnym wymiarze godzin

    Guidewire PSIRT (Product Security Incident Response Team) is responsible for: · Guidewire product vulnerability management process for all Guidewire applications. · Coordination of customer/external product security incidents and reported security issues affecting various Guidew ...

  • endegospzoo

    Embedded Penetration Tests Engineer

    5 dni temu

    endegospzoo Kraków, Polska

    Endego is all about people · At Endego, we take pride in creating comprehensive engineering solutions that set standards in the industry. Our specialization covers sectors such as automotive, railway, agriculture, heavy-duty vehicles, commercial vehicles (such as buses), and addi ...

  • KION Group

    Cyber Security Engineer

    1 tydzień temu

    KION Group Kraków, Polska W pełnym wymiarze godzin

    What we offer: · The opportunity to work in the fast growing worldwide company · Attractive remuneration based on your experience, skills and development · The opportunity to participate in the international projects and a significant influence on company IT development · Yo ...

  • HITACHI ENERGY SERVICES SP. Z O.O.

    Cyber Security Penetration Tester

    1 tydzień temu

    HITACHI ENERGY SERVICES SP. Z O.O. Kraków, Polska W pełnym wymiarze godzin

    Description · : Requirements: · In-depth knowledge of TCP/IP networking and application protocols concepts · Understanding of software exploitation and common vulnerabilities · Understanding of port scanning, vulnerability assessment and fuzzing tools · Knowledge of protocols ...

  • Hsbc Service Delivery

    Threat Hunter

    5 dni temu

    Hsbc Service Delivery Kraków, Polska W pełnym wymiarze godzin

    Technologies-expected : AWS Microsoft Azure about-project : Sitting within the Monitoring and Threat Detection sub-function, the 'Cybersecurity Threat Hunter' role is primarily charged with proactively searching through the HSBC global estate for evidence of malicious activities ...

  • GPC Global Technology Center

    Application Security Engineer

    1 tydzień temu

    GPC Global Technology Center Kraków, Polska

    As we continue to scale and evolve, it has become increasingly important for us to protect our applications. That's why we're looking for an experienced Senior Security Engineer in the area of application security for AI systems. Join our GenAI team and contribute to the developm ...

  • Zendesk

    Senior Product Security Engineer

    1 tydzień temu

    Zendesk Kraków, Polska W pełnym wymiarze godzin

    Job Description · Are you passionate about application security? Do you get a thrill out of discovering security vulnerabilities in web applications and mobile apps? Do you enjoy the challenge of designing creative solutions to tough problems? Are you excited about securing the p ...

  • Revvity

    Service Director, Global Growth Market

    4 dni temu

    Revvity Kraków, Polska

    As a Service Delivery Leader you will play a pivotal role in ensuring the smooth and efficient delivery of service for Life Science & Diagnostics instrumentation across the region. You will lead a team of regional/country service leaders responsible for service delivery and drivi ...

  • Cognizant

    Application Security Specialist

    1 tydzień temu

    Cognizant Kraków, Polska W pełnym wymiarze godzin

    Location: Poland, Kraków · What we do: · As Top Employer, we are dedicated to helping the world's leading companies build stronger businesses — helping them go from doing digital to being digital. Cognizant Poland offices are in Gdansk, Wroclaw, and Kraków. With the capacity to ...

  • Honeywell

    Data Privacy – Senior Analyst

    1 tydzień temu

    Honeywell Krakow, Polska

    team recognized for leadership, innovation and diversity · Data Privacy – Senior Analyst - Krakow · AT HONEYWELL WE ARE COMMITTED TO DATA PRIVACY AND INTEGRATING DATA PRIVACY INTO THE DESIGN OF OUR PRODUCT AND SERVICE OFFERINGS · We currently have an opportunity for a Data ...

  • TE Connectivity

    ACCOUNT MANAGER

    1 tydzień temu

    TE Connectivity Kraków, Polska

    Bei TE Connectivity geben wir Ihnen Raum zur beruflichen Entfaltung, und die Möglichkeit über Länder und Kulturen hinweg mit Kollegen zusammenzuarbeiten, mit dem Ziel eine sicherere, nachhaltige, produktive und vernetzte Zukunft zu gestalten. · Requierements: · • Understand th ...

  • Honeywell

    Data Privacy – Senior Analyst

    4 dni temu

    Honeywell Krakow, Polska

    team recognized for leadership, innovation and diversity · Data Privacy – Senior Analyst - Krakow · AT HONEYWELL WE ARE COMMITTED TO DATA PRIVACY AND INTEGRATING DATA PRIVACY INTO THE DESIGN OF OUR PRODUCT AND SERVICE OFFERINGS · We currently have an opportunity for a Data Pri ...

  • Qualtrics

    Senior Security Engineer, Platform Security

    6 dni temu

    Qualtrics Krakow, Polska W pełnym wymiarze godzin

    At Qualtrics, we create software the world's best brands use to deliver exceptional frontline experiences, build high-performing teams, and design products people love. But we are more than a platform—we are the creators and stewards of the Experience Management category serving ...

  • Selvita

    IT Cyber Security Specialist

    4 dni temu

    Selvita Kraków, Polska

    Location · "> Kraków, Poland Offer description Selvita is a global integrated drug discovery partner for the pharmaceutical and biotechnology industries with laboratories in Poland (Krakow & Poznan) and offices in Cambridge, UK, Greater Boston Area & San Francisco Bay Area in t ...

  • PwC Advisory spółka z ograniczoną odpowiedzialnością sp.k.

    Cloud IT Security Consultant

    4 dni temu

    PwC Advisory spółka z ograniczoną odpowiedzialnością sp.k. Kraków, Polska W pełnym wymiarze godzin

    Description · & Summary PwC Poland's Cybersecurity Team is made up of 50 specialists. We not only help companies design cybersecurity strategies and monitoring or incident response processes, but we also support them in the implementation of specific security systems. We combin ...

  • Philip Morris International

    Information Security Engineer Assessments

    5 dni temu

    Philip Morris International , Kraków, Polska W pełnym wymiarze godzin

    MAKE HISTORY WITH USAt PMI, we've chosen to do something incredible.We're totally transforming our business and building our future on smoke-free products with the power to deliver a smoke-free future.With huge change, comes huge opportunity. So, wherever you join us, you'll enjo ...

  • Pegasystems

    Senior Cloud Security Architect

    1 tydzień temu

    Pegasystems Kraków, Polska

    Meet Our Team: · Are you ready to take your career to the next level? Do you crave the opportunity for interaction with senior and executive management, customers and architects while working for a company that is changing the way the world builds enterprise software? Cloud Secu ...

  • Cognizant Technology Solutions

    Application Security Specialist

    1 tydzień temu

    Cognizant Technology Solutions Krakow, Polska OTHER

    Location: Poland, Kraków · What we do: · As Top Employer, we are dedicated to helping the world's leading companies build stronger businesses — helping them go from doing digital to being digital. Cognizant Poland offices are in Gdansk, Wroclaw, and Kraków. With the capacity to s ...

  • TE Connectivity

    ACCOUNT MANAGER

    1 tydzień temu

    TE Connectivity Kraków, Polska

    Bei TE Connectivity geben wir Ihnen Raum zur beruflichen Entfaltung, und die Möglichkeit über Länder und Kulturen hinweg mit Kollegen zusammenzuarbeiten, mit dem Ziel eine sicherere, nachhaltige, produktive und vernetzte Zukunft zu gestalten. · Über TE Connectivity: · TE Connecti ...

  • IBM

    Infrastructure Security Engineer, WatsonX Orders – ML

    3 dni temu

    IBM Skawina, Polska

    Introduction · We are looking for a skilled Security Engineer to help secure infrastructure & applications across AWS, k8s, and edge location for our ML powered AI. · Your Role and Responsibilities · Collaborate with compliance leaders, software developers, and SREs to implement ...