Security Engineer

Summary

Join Netguru, a Certified B Corporation®, and help shape the world through beautiful software. As a Security Engineer, you will analyze client needs, ensure robust protection across various providers, secure networks and systems, perform tests and vulnerability analysis, and ensure compliance with standards. You will also integrate security into DevSecOps, manage security incidents, and collaborate with teams. Netguru offers flexible work arrangements, including the option to work from home full-time. Competitive salaries and various benefits are provided.

Requirements

• Communicate complex technical concepts clearly to both technical and non-technical audiences
• Be a proactive problem-solver, able to analyze issues and develop effective solutions
• Be highly independent and self-managing, able to prioritize tasks and work with minimal supervision
• Be adaptable and flexible, able to quickly learn and adjust to new technologies and threats
• Possess a meticulous attention to detail, ensuring accuracy and identifying subtle vulnerabilities
• Be a collaborative team player, willing to share knowledge and work effectively with diverse teams

Responsibilities

• Analyze client needs (secure architecture, data flows, user stories, infrastructure) and recommend solutions in client/team meetings
• Ensure robust protection across different providers (AWS, Azure, GCP) by leveraging your expertise in network and IT system security
• Secure networks and systems: configure firewalls, IDS/IPS, VPNs, and secure communication
• Perform tests and vulnerability analysis using static/dynamic code analysis and security scanners
• Ensure compliance with standards (ISO 27001, PCI DSS, GDPR) and implement aligned security policies
• Secure applications: implement "security by design" and apply OWASP Top 10 best practices
• Integrate security into DevSecOps: automate security testing and embed controls in CI/CD pipelines
• Manage security incidents: monitor, analyze, and respond using log analysis and SIEM tools
• Communicate and collaborate with teams, document processes, and explain technical information
• Design and conduct risk assessments, identify threats, evaluate impact, and implement mitigation. Integrate risk assessment into the project lifecycle

Preferred Qualifications

• Perform cloud and mobile applications’ penetration testing
• Create functional and non-functional requirements for applications’ architecture and infrastructure based on compliance in healhtech, fintech, privacy protection
• Support internal Information Security teams in ISO 27000-family and privacy-related cases

Benefits

• Access to the WorkSmile platform, offering benefits adapted to your preferences
• Discounts on Apple products
• One-time PLN 1000 home-office bonus for B2B contractors, and PLN 175 monthly lump sum (ryczałt) for remote employees
• Various internal initiatives: webinars, knowledge sharing sessions, internal conferences
• 16 paid days off (B2B contract)