#1 Job Board for tech industry in Europe

  • Job offers
  • Secure Development Engineer
    New
    Security

    Secure Development Engineer

    Type of work
    Full-time
    Experience
    Mid
    Employment Type
    Permanent
    Operating mode
    Hybrid
    ING Hubs Poland

    ING Hubs Poland

    For over 20 years we have been taking up challenges and proving that we are a trustworthy partner supporting ING in digital transformation. We are the unseen heroes providing the people of the bank with the essential — and often unnoticed — services. We also protect their money and simply create the future of banking. And that's a big thing! See what exactly we do at ING Hubs Poland!

    Company profile

    Tech stack

      Security

      advanced

      Cybersecurity

      advanced

      APIs

      advanced

      English

      advanced

    Job description

    Online interview
    Friendly offer

    We are looking for you, if you:


    • Are passionate about the field of Cybercrime resilience, secure coding practices, secure design and advanced security testing techniques,
    • Have the hands on experience with testing devices, infrastructure or cloud, networks and applications (including testing web applications and APIs, mobile applications is a plus) and/or knowledge of secure coding aspects in at least one leading programming language (e.g. Java, C#, C/C++/Objective-C, Python, GoLANG, SQL etc.),
    • Have strong knowledge of current security technologies and emerging trends in the area of cybersecurity,
    • Have the seamless ability to communicate technical issues in a technical and business language,
    • Have the ability to support yourself and other team members in development,
    • Have the ability to act autonomously, think out of the box and deliver actionable items,
    • Have the ability to establish lasting relations within the organization with engineering organization of ING,
    • Have good oral and written English communication skills.


    You'll get extra points for:


    • Have a Bachelor or Masters in information technology, cybersecurity or a related field, 
    • Posses certificates like CEH, Offensive Certifications like OSCP, OSWP, SANS Offensive Operations Certificates like GIAC Certified Penetration Tester (GPEN) / Certified Expert Penetration Tester (CEPT) is a plus,
    • Have a prior or current experience working as a Penetration Tester, Red Team or Cybersecurity consultant or developer with a focus on secure coding and system design.


    Your responsibilities:


    • Providing analysis and monitoring of development environment, quality of tools supporting secure development and design, secure configurations etc. basing on results of security processes embedded into Security Development Lifecycle (SAST, DAST, IAST, SCA, VS, penetration testing and red teaming) and dedicated analysis on the most common vulnerabilities identified in code,
    • Continuously supporting Global Security Champion Guild having a focus on secure development and engineering to ensure security is embedded by default into each IT or business product at all stages of their lifecycle (Exper Team Secure Development and Engineering),
    • Delivering of security assessments of IT products, infrastructure, applications or 3rd party services as a mechanism to assess the effectiveness of cybercrime resilience controls in place to protect people, process and technology aspects of ING IT systems,
    • Providing technical expertise, analytical skills, documentation and coordination support to an expert team or to CoE’s service consumers,
    • Guiding towards best practices, industry standards and solutions to assure proper security design of IT-Products, expected quality of code and security capabilities delivered out by CoE Offensive Security to assure security is embedded by default,
    • Providing training and awareness on secure coding practices for developers and security champions
    • Providing consulting and expert knowledge on specific software issues and vulnerabilities, low quality of code, use of libraries and frameworks, specific security settings of application servers,
    • Providing accurate technical solutions for identified security issues and design flaws.


    Information about the squad:


    The ING Global CISO’s Attack Surface Management (ASM) tribe will focus on reducing both the external and well as the internal attack surface of the entire ING organisation, by (automated) hardening of our assets against cyber threats with preventive controls and proactively identifying and remediating vulnerabilities. One of area belonging to the ASM tribe is the Center of Expertise (CoE) Offensive Security including Penetration Testing and Red Teaming Expert Teams and Security Development & Engineering Expert Team. Security Development & Engineering Expert Team is globally responsible for the following activities:

    • Providing specific analysis of security issues, confirming hypotheses, testing and certifying new technologies.
    • Continuous monitoring of development environment, quality of tools, configurations etc. basing on results of security processes embedded into Security Development Lifecycle (SAST, DAST, IAST, SCA, VS, penetration testing and red teaming) and dedicated analysis on the most common vulnerabilities identified in code.
    • Providing training and awareness on secure coding practices for developers and security champions.
    • Providing consulting and expert knowledge on specific software issues and vulnerabilities, low quality of code, use of libraries and frameworks, specific security settings of application servers.

    Secure Development Engineer role is responsible for supporting the implementation of adequate detective and preventive measures to reduce attack surface of the Bank, as Subject Matter Expert of secure development, flawless coding practices and cybercrime resilient application design.

    Secure Development Engineer reports directly to the Expert Lead Secure Development & Engineering.

    The role naming convention in the global ING job architecture will be “Engineer IV”.

    Undisclosed Salary

    Permanent

    Check similar offers

    Network Security Engineer

    New
    Connectis
    3.91K - 4.64K USD
    Gdańsk
    DLP
    NSX-T
    SASE

    IT Security Analyst (EDR)

    New
    ArcelorMittal BCOE
    Undisclosed Salary
    Warszawa
    , Fully remote
    Fully remote
    Security tools
    EDR
    SIEM

    System Security Engineer

    New
    SCALO
    4.69K - 6.25K USD
    Warszawa
    , Fully remote
    Fully remote
    Linux
    Office 365
    Windows

    Cyber Security Analyst

    New
    Link Group
    4.1K - 5.33K USD
    Warszawa
    , Fully remote
    Fully remote
    Cisco
    Agile
    Python

    Information Security Specialist

    New
    Falck Digital Technology Poland
    3.17K - 4.88K USD
    Warszawa
    ISO 27001
    Application Security
    ISO 27701