Application Security Consultant

GSK
Poznań
Type of work: Undetermined
Experience: Mid
Employment Type: Permanent
Operating mode: Office

Tech stack

  • BurpSuite Pro (regular)
  • WebInspect (regular)
  • AppScan (regular)
  • Acunetix (regular)
  • Rapid7 (regular)
  • Qualys (regular)

Job description

Online interview
Poznan Tech Hub is GSK's biggest IT center worldwide, hiring about 700 highly-skilled IT professionals. We are part of GSK, which aspires to be one of the world’s most innovative, best performing and trusted healthcare companies. At Poznan Tech Hub we are building a truly international team which provides services to all GSK locations around the world. Our talented IT experts have a unique opportunity to contribute to the entire product life cycle, from research and development, through manufacturing, to commercialization and salesforce support for new vaccines, medicines and healthcare products.

It is a great time to join GSK Tech Hub in Poznan. We value courage, accountability, development and teamwork. You will be encouraged to experiment and collaborate across teams to bring innovation to our everyday job. We are open to candidates with various levels of experience, whether you are a seasoned specialist with deep expertise or a graduate looking to kick-start your career. Help us to lead in Technology to improve the lives of patients and consumers around the world.

As an Application Security Consultant you will be part of a global team of enthusiastic security experts, specializing in the areas of security assurance, vulnerability management and penetration testing. We are curious, like to challenge each other and share our knowledge. You will have an active role in shaping the direction of services and solutions in the application security space. Your Agile mindset and ways of working will be an asset for our team as we continue the Digital journey.

The Application Security Testing function within the Application, Host and Data Security group delivers global services and technology capabilities to ensure alignment with the strategy and key investment areas identified in the Application Security area.

This role will provide YOU the opportunity to perform key activities to progress YOUR career. These responsibilities include the following:

  • Perform and / or assist in running vulnerability assessments and penetration tests of web and mobile applications
  • Work with developers, project leads, business customers and stakeholders to explain complicated application and infrastructure security issues and potential business impact, recommend and negotiate suitable mitigation approaches
  • Be a champion, advocate and subject matter expert in the DevSecOps field
  • Provide subject matter expertise and actively contribute to information security projects and initiatives
  • Help define and implement key service metrics
  • Suggest service changes and improvements in response to the constantly evolving information security landscape
  • Provide recommendations to the Leadership Team on further improvements in application security space based on ongoing review of internal processes and services

Basic Qualifications:

We are looking for professionals with these required skills to achieve our goals:
  • Proven track record of working in an IT group with experience in application security, threat analysis or incident response.
  • At least 2 years' background in more than one of the following: DevSecOps, vulnerability management, incident response, security assessments, web / mobile application development, secure code review, application security concepts (input validation, HTML encoding, parameterized queries), application penetration testing, manual ethical hacking.
  • Familiarity with web and mobile application testing tools such as BurpSuite Pro, WebInspect, AppScan, Acunetix, Rapid7, Qualys
  • Demonstrated ability for sound judgment with strong emphasis on quality, cost and service improvement
  • Passionate about computer security, willingness to learn new technologies
  • Good command of English (B2/C1)

Preferred Qualifications:

If you have the following characteristics, it would be a plus:
  • Experience detecting security issues such as Cross Site Scripting, SQL Injection, Parameter Manipulation, Forceful Browsing, Privilege Escalation, etc.
  • Familiarity with Open Web Application Security Project (OWASP) testing guides and methodologies for web and mobile applications
  • Familiarity with various categories of security testing tools, e.g. VM scanners, SAST, DAST etc.
  • Familiarity with DevSecOps tools and processes
  • Experience of working with 3rd Party vendors

Why GSK?
Our values and expectations are at the heart of everything we do and form an important part of our culture. These include Patient focus, Transparency, Respect, Integrity along with Courage, Accountability, Development, and Teamwork.

  • Career at one of the leading global healthcare companies
  • Contract of employment
  • Attractive reward package (annual bonus & awards for outstanding performance, recognition awards for additional achievements and engagement, holiday benefit)
  • Life insurance and pension plan
  • Private medical package with additional preventive healthcare services for employees and their eligible
  • Sports cards (Multisport)
  • Possibilities of development within the role and company’s structure
  • Personalized learning approach (mentoring, online training platforms: Pluralsight, Business Skills, Harvard Manage Mentor, Skillsoft and external trainings)
  • Extensive support of work life balance (flexible working solutions, short Fridays option, health & wellbeing activities)
  • Supportive community and integration events
  • Modern office with creative rooms, fresh fruit every day
  • Free car and bike parking, locker rooms and showers