Description
Our mission at Netguru is to help entrepreneurs and innovators shape the world through beautiful software. We care about trust, taking ownership, and transparency. As a Certified B Corporation®, we offer a safe, inclusive and productive environment for all team members, and we’re always open to feedback. If you want to work from home and be a full-time employee, great! We want to create the right opportunities for you.
Salary:
- PLN 12,000 - 19,200 monthly (B2B contract);
- PLN 10,000 - 16,000 monthly (Employment Contract); or
- EUR 2,800 - 4,500 monthly (B2B contract).
Curious about your tasks?
You will:
- Analyze clients’ needs regarding secure architecture, data flows, user stories and infrastructure, and present recommendations during calls with clients and teams.
- Implement security controls into the Software Development Lifecycle: design, development, CI/CD, testing.
- Define non-functional and functional requirements for applications based on the security frameworks and standards: CIS, NIST, OWASP.
- Spread application security best practices across development teams.
- Analyze incidents in projects and tools, suggest action points, and look for the root causes of those incidents.
- Perform security assessments and audits of applications (web and mobile) and cloud infrastructure.
- Prepare and maintain policies and documentation on security controls in software development.
Optionally, based on your skills, you may:
- Perform penetration testing of cloud and mobile applications.
- Create functional and non-functional requirements for applications’ architecture and infrastructure based on compliance in healthtech, fintech and privacy protection.
- Support internal Information Security teams in ISO 27000-family and privacy-related cases.
Requirements
You must have:
- Proficiency in English (speaking and writing): min. B2+ CEFR.
- Knowledge of well-architected secure patterns in application and infrastructure designs, including cloud providers: AWS, Azure, GCP.
- Knowledge of CI/CD concepts.
- Knowledge of Internet protocols at a level that allows debugging and incident response.
- Knowledge of cryptography concepts.
- Great communication skills, both to technical personnel and executives/business owners.
- Knowledge of security frameworks and standards: CIS, NIST, OWASP ASVS, OWASP MASVS.
- Knowledge of security assessments and testing tools for infrastructure, web applications, mobile applications: Burp Suite, OWASP ZAP, MobSF, Trivy, Prowler.
Nice to have:
- Cloud-related security certifications, for example: Microsoft AZ-500, AWS Certified Security Specialty, Google Professional Cloud Security Engineer.
- Penetration testing skills, ideally confirmed with penetration testing certificates: eWPT, GWAPT, OSCP.
- Knowledge of ISO 27000-family framework and controls.
- Knowledge of EU regulations: GDPR, NIS2, CRA, DSA; and US regulations: HIPAA, HITECH, Final Omnibus Rule.
- Former experience as a DevOps or Cloud Engineer.
Benefits
- Access to the WorkSmile platform offering benefits adapted to your preferences.
- Support for your growth - a head/manager’s budget available to every employee.
- Discounts on Apple products.
- One-time PLN 1000 home-office bonus for B2B contractors, and PLN 175 monthly lump sum (ryczałt) for remote employees.
- Various internal initiatives: webinars, knowledge sharing sessions, internal conferences.
Here's what you can expect from the recruitment process:
- First, you'll meet with one of our recruiters to discuss the role and your experience.
- Next, you'll meet with one of our tech experts.
- If everything goes well, you'll have the opportunity to meet your leader at a final interview.
At Netguru, we're committed to creating an inclusive environment for everyone. If you require any disability-related adaptations during the recruitment process, please let us know. We're here to help!