(

(Senior) InfoSec Engineer Assessments

Krakow Poland

3 months ago


Years of Experience

5 - 8 years

Workplace Type

Hybrid

Seniority Type

Senior

Industry

Tobacco


Analyse your salary

Want to know how much a (Senior) InfoSec Engineer Assessments make in Krakow Poland?

Get Salary insights for (Senior) InfoSec Engineer Assessments in Krakow Poland. Know how your salary compares to the industry average. Our AI analyzer uses other candidates' stated pay expectations to identify market trends.


Skills

Information SecurityIT AuditsComplianceApplication ArchitecturesApplication Security TestingArchitecture ReviewsCloud TechnologiesApplication Security Assessments

Contact our TA to know more about the job

Louella Lawrence Paul

Talent Advocate at WhiteCrow


Description

About our client

Our client is a trailblazing pioneer in the Tobacco Manufacturing Industry. What sets them apart is their unwavering commitment to innovation and progress. They have embarked on a remarkable journey of transformation, with a resolute aim to create a smoke-free future. This ambitious endeavour has completely redefined every aspect of their business, from the production and distribution of their products, to how they interact with their customers and society as a whole.

By embracing this transformation, our client is leading from the front, with their pioneering vision and steadfast determination to create a smoke-free future.

With a workforce of more than 75,000 talented individuals worldwide across 180 countries, they have truly established themselves as a global leader in the industry. 


Job description

Role Description:


  • Running at the forefront of our client's Digital Transformation, Information Security offers guidance, solutions and advisory all across their business, supporting their secure journey towards a smoke-free future.
  • Their scope ranges from security assessments, architecture, governance and risk advisory, through resilience, cyber threat intelligence and incident response, to supporting our client's Functions, Markets, and Platforms (e.g. Finance, People & Culture, Operations, Consumer or Product) and building an organizational security culture. 


Responsibilities:


  • Identify cybersecurity gaps in our client's applications and systems using a wide variety of methods, e.g. threat modeling, architecture reviews, access model reviews, configuration reviews, static and dynamic application security testing
  • Evaluate the security posture of the third party solutions using TPCRM methodologies with cybersecurity focus
  • Analyze the scope, methodology and results of cybersecurity activities (e.g. ethical hacking) performed by third parties around the presence of vulnerabilities in systems used or to be used by our client.
  • Follow up with third parties on any inconsistency and ambiguity in the reports to have a reasonable level of assurance over security testing deliverables provided by vendors
  • Describe and demonstrate identified issues in various forms (e.g. reports, technical debt definitions) and ensure that relevant collaborators understand the risk that those vulnerabilities pose to the Company
  • Advise IT teams on how to replicate identified cybersecurity issues and remediate them in the most effective and cost efficient way
  • Partner with other Information Security leaders to ensure that our client follows standard processes in the application security testing domain by continuously optimizing tools, techniques and methodologies
  • Keep up to date with the constantly evolving cyber threat landscape and the latest developments in IT risk management and contribute to our client's security standards


Requirements:


Proven experience, preferably in a large organization or consulting companies, in at least one of the areas:


  • IT assurance: IT security, IT risk management, IT audit, IT controls,
  • Offensive security: ethical hacking, penetration testing, vulnerability assessment, red teaming
  • Secure software development: S-SDLC, DevSecOps


Professional certifications in at least two of the following domains:


  • IT systems security and auditing (e.g. CISA, CISSP, CRISC, CISM).
  • Cloud technologies (e.g. AWS, Azure, Salesforce).
  • Ethical hacking (e.g. OSCP, GIAC Penetration Tester, CEH).
  • Proven track record in performing IT security assessments or IT audits for large scale solutions.
  • Good knowledge of typical application design patterns and their attack vectors (e.g. web, mobile, thick client, etc.).
  • Strong understanding of modern application architectures including microservices, containers, APIs, serverless technologies and cloud environments.
  • Knowledge of basic identity and access management concepts (e.g. single-sign on, identity federation) and standards (e.g. SAML, OAuth 2.0, OpenID).
  • Sound knowledge of impact and remediation techniques for vulnerabilities from and outside of OWASP Top 10.
  • Considerable technical writing proficiency and oral presentation skills.

Sign up to create profile

Fill in your details to create profile on WhiteCrow

Why get hired via WhiteCrow?

We take your privacy seriously

We take your privacy seriously

By default, your profile stays hidden from past & current employers. We only showcase your anonymous profile to employers and seek your permission before revealing your full profile.

Know more

Personal & Dedicated Talent Advocate

Personal & Dedicated Talent Advocate

Our Talent Advocates are here to help: from providing insider knowledge to guiding you through interviews to negotiations.

Know more

Exclusive Jobs from Top Companies

Exclusive Jobs from Top Companies

Gain access to mid to senior level executive job opportunities at more than 90 of the Fortune 500 companies globally on WhiteCrow.

Know more

Why get hired via WhiteCrow?

With our unique combination of AI matching technology and human expertise, WhiteCrow will help you get discovered for your unicorn role.

Know more

Contact our TA to know more about the job

Louella Lawrence Paul

Talent Advocate at WhiteCrow


People also viewed

InfoSec Engineer Application Security

Stamford, United States

3 months ago


Manager InfoSec Assessments

Lisbon, Portugal

6 months ago


Manager InfoSec

Belgrade, Serbia

14 hours ago


Cyber Security Specialist

Dhahran, Saudi Arabia

3 months ago


Application Security and Vulnerability Analyst

Dhahran, Saudi Arabia

3 months ago


Software Engineer - Quality

Bengaluru, India

3 months ago


Senior Engineer- V&V

Bengaluru, India

3 months ago


Senior Cyber Threat Intelligence Analyst

Dhahran, Saudi Arabia

3 months ago


Industrial Networking Specialist

Dhahran, Saudi Arabia

8 months ago


Lead IT Business Partner Finance(FICO)

Kuala Lumpur, Malaysia

4 months ago


View more jobs

Sign up to create profile

Fill in your details to create profile on WhiteCrow