For one of our key Clients we're looking for an expert specialist for the position of:
Senior Automation Tester (Python + Security)
Terms of engagement:
Area: Consulting IT (project for transportation area)
Location: 100% remote
Start: ASAP (max 3 months notice period)
Salary rate (determined individually): 120 - 135 PLN net + VAT / h
Terms: B2B (outsourcing via 1dea), full-time, long-term
Recruitment process (100% remotely):
- Phone "hello" interview with 1dea recruitment consultant (~10 min)
- Technical and business conversation with our Client (approx. 1 hour)
- Decision to cooperate
Scope of duties:
- Understand Security Needs: Collaborate with architects and product owners to define security requirements and limitations.
- Craft Security Tests: Design test scripts using security tools (Burp Suite, OWASP ZAP) to comprehensively cover all security aspects.
- Build Security Frameworks: Develop, implement, and document reusable security testing frameworks for efficient testing.
- Execute Security Testing: Conduct various tests (vulnerability assessments, threat modeling) for both on-premise and cloud environments using chosen tools and methodologies.
- Report & Mitigate Risks: Identify, document, analyze vulnerabilities, threats, and risks; recommend solutions; monitor security trends and report findings to stakeholders.
Requirements:
Experience:
- Minimum 3 years of hands-on experience applying security testing practices.
- Proven track record in securing backend, API, and web service applications.
Technical Skills:
- Strong understanding of security testing tools (Burp Suite, OWASP ZAP, etc.).
- Ability to automate security testing using scripting languages (Python preferred).
- Expertise in security analysis and designing effective security tests.
- Experience with security monitoring and diagnostic tools (SIEM systems).
- Security-focused knowledge of messaging protocols and API technologies.
- Proficiency in Unix/Linux with a focus on secure configurations and best practices.
- Practical experience with automated testing frameworks (Selenium WebDriver, Cypress, Playwright).
- Working knowledge of SQL and relational databases from a security perspective.
Certifications & Methodologies:
- Industry-recognized security certification (ISTQB Security Tester, CompTIA Security+, etc.).
- Solid grasp of networking technologies including encryption, load balancing, and firewalls.
- Experience following established security testing methodologies and processes.
Reporting & Integration:
- Proven ability to create comprehensive security test reports with actionable findings and recommendations.
- Familiarity with DevSecOps tools (Bitbucket, Jenkins, GitLab) for integrating security testing into the CI/CD pipeline.
We offer:
- A transparent model of long-term cooperation (B2B contract for an indefinite period)
- Stable and safe involvement in a company with a solid market position
- Modern equipment provided by the company, along with software and configuration
- Flexible working hours
- Possibility to work remotely 100% of the time
- Professional advice and career support by a team of experienced specialists
- A mature and sustainable design ecosystem
- Good atmosphere in the team - values such as camaraderie, openness, respect, mutual help and support in development are important to us
- We try to work in the spirit of Agile, which we understand as: continuous improvement, effective cooperation and the use of an empirical approach during the development of manufactured products
- We support a culture of creativity - each team member has the opportunity to propose their own ideas or solutions - you will always be listened to and your suggestions will be taken into account