Main Responsibilities

• Conduct security reviews of application designs, source code, and third-party libraries;
• Perform regular application vulnerability assessments using both automated tools and manual testing techniques (e.g., SAST, DAST, SCA, penetration testing);
• Help maintain security tools, scripts, and processes to support secure development;
• Stay current with industry trends, zero-day vulnerabilities, and best practices in application security;
• Develop scripts and security automation tools to enhance application security testing processes;
• Design and deliver training for security engineering awareness & adoption;
• Actively look for internal security gaps within the product or organization overall;
• Ensure custom-built libraries/protocols are sufficiently tested and support internal and external audits;

Core Requirements

• Proven experience in mobile/desktop application security assessment planning, testing, methodologies, and vulnerability reporting;
• Strong understanding of secure coding practices;
• Ability to perform manual security code audit;
• Familiarity with at least one low-level programming language (e.g. C, C++, Rust, Go);
• Familiarity with of networking protocols such as TCP, UDP and the HTTP protocol;
• Familiarity with debuggers (e.g. GDB, LLDB, WinDbg) and reverse engineering tools (e.g. Ghidra, IDA);
• Familiarity with memory corruption issues, buffer overflows and related vulnerability classes;
• Familiarity with common authentication and authorization protocols (OAuth, SAML, JWT, etc.);
• Ability to work with networking tools such as Wireshark and tcpdump;
• Ability to quickly assimilate new technologies and tools;
• Sense of ownership with strong problem-solving and investigation skills;
• Ability to build and maintain relationships, influence key stakeholders across the business;
• Bonus points for community contributions like public CVEs, bug bounty recognition, open-source tools, blogs, etc.

Salary range

• Gross Salary 22900 - 32900 PLN/Month