We are looking for a dedicated Senior Security Testing Engineer to enhance the security measures of our software products by identifying, analyzing, and mitigating vulnerabilities.

In this role, you will be instrumental in managing and securing our software repository, focusing on automating processes and ensuring compliance with industry standards through effective vulnerability management.

Responsibilities

• Identify, analyze, and prioritize vulnerabilities in mobile and web applications
• Provide technical justifications, mitigations, and updates for Common Vulnerabilities and Exposures
• Collaborate with development, operations, and security teams to ensure effective remediation of vulnerabilities
• Generate detailed vulnerability reports and remediation strategies for CVEs
• Address inquiries related to vulnerability disclosures clearly and precisely
• Enrich and maintain a comprehensive knowledge base of vulnerability reports
• Develop and implement automation tools and scripts to streamline CVE management processes
• Create tracking and reporting dashboards to communicate vulnerability metrics
• Serve as a technical liaison among internal security teams, product owners, and external partners
• Drive the continuous enhancement of security operations through innovative process refinement

Requirements

• Hands-on experience with vulnerability scanning tools and CVE databases, such as NowSecure and HCL App Scan
• Competency in manual penetration testing of mobile and web applications
• Proficiency in scripting languages like Python, and familiarity with automation frameworks including Ansible and Terraform
• Understanding of containerized environments like Docker and Kubernetes, coupled with secure software development practices
• Familiarity with common security frameworks such as OWASP, NIST, ISO 27001, and PSI DSS
• Strong communication skills for translating complex technical concepts to diverse audiences
• Ability to manage multiple tasks and priorities in a dynamic environment
• An analytical approach and problem-solving skills with a keen attention to detail

Nice to have

• Experience managing secure software repositories and hardened containers such as DoD's Iron Bank
• Familiarity with cloud platforms like AWS, Azure, and GCP, including their security configurations
• Knowledge of security orchestration and automation platforms

We offer

• We gather like-minded people:
  • Engineering community of industry professionals
  • Friendly team and enjoyable working environment
  • Flexible schedule and opportunity to work remotely within Poland
  • Chance to work abroad for up to 60 days annually
  • Relocation within our 50+ offices
• We provide growth opportunities:
  • Outstanding career roadmap
  • Leadership development, career advising, soft skills, and well-being programs
  • Certification (GCP, Azure, AWS)
  • Unlimited access to LinkedIn Learning, Get Abstract, Cloud Guru
  • Language classes in English and Polish for foreigners
• We cover it all:
  • Stable income (Employment Contract or B2B)
  • Participation in the Employee Stock Purchase Plan
  • Benefits package (health insurance, multisport, shopping vouchers)
  • Strategically located offices featuring entertainment and relaxation zones, table tennis and football, free snacks, fantastic coffee, and more
  • Referral bonuses
  • Corporate, social and well-being events
• Please, note:
  • The set of bonuses might vary based on the role you apply for – specifics will be discussed with our recruiter during the general interview
  • We will reach out to selected candidates exclusively

EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.