QA Lead @ Mindbox S.A.
(práce v Polsku)

QA Lead @ Mindbox S.A.

Polsko

Essential requirements:

•        Strong written and verbal communication skills in English language – used for all formal communication.
•        Ability of critical thinking to form and clearly articulate identified issues and their consequences.
•        Ability to comfortably hold a conversation on cyber security aspects with both technical and non-technical audience.
•        Maintain a wide breadth of penetration testing and/or leadership management skills to a significant degree of depth.
•        Understand the business context/significance of technical pentest findings.
•        Consistently output superior quality of deliverables.
•        Poses an entrepreneurial attitude to excel in loosely defined scenarios.
•        Ability to work independently
•        Be subject matter expert in at least 1 of pentest domains (i.e. infrastructure/apps/mobile).
•        Demonstrated ability to solve complex technical problems.

The ideal candidate for this position will have:

•        At least 4 years of prior demonstrable hands-on experience in penetration testing.
•        Previous participation in Bug Bounty Programs would be a plus.
•        Solid understanding of the platform security models for iOS and Android platforms.
•        Excellent understanding of platform-specific security risks, common vulnerabilities for mobile applications, common risks in financial applications.
•        Practical knowledge of penetration testing of widely understood infrastructure, web and mobile technologies, using manual and automated testing methods.
•        Excellent TCP/IP knowledge and understanding of security implications/issues.
•        Strong web application testing experience.
•        Proven programming/scripting skills.
•        Ability to explain security functionality from first principles.
•        Ability to adapt and apply information to new scenarios and technologies.
•        Strong understanding of applied use of cryptography in application development.
  

Desired skills:

•        Strong grasp of common technologies, protocols and architectures that are commonly used by mobile application. (HTML, XML, JavaScript, JSON, REST, Microservices etc.)
•        Strong understanding of software development lifecycles especially DevOps
•        Experience with dynamic and static application security testing and associated tools.
•        Experience with performing security code reviews for Java, Objective C, Swift and Kotlin programming languages
•        Strong initiative, consensus-building and ability to collaborate directly with a variety of clients (business, development, compliance, etc.)
•        Experience with mobile security testing frameworks such as OWASP MASVS, OWASP MSTG.
•        Knowledge of enterprise application design & common security issues associated with it.
•        Advanced knowledge of common security analysis tools and testing techniques especially for the mobile security space.
•        Hands-on experience with SAST, DAST, IAST tools and ways to supplement their limitations.
•        Knowledge of security verification of mechanisms & technologies such as SSL, Pinning, Biometric Authentication, Out of Band Authentication, JWT, SAML, RASP, Oauth2 etc.
•        Prior software programming and development experience especially of iOS & Android platforms is a plus.
•        Prior programming experience with Java, Kotlin, Objective C & Swift programming languages would be a plus.
•        Prior experience with security testing or secure application development for a large enterprise would be a plus.
•        Prior experience with cloud-hosted applications & services would be a plus.
•        Experience in reverse engineering or disassembly considered a plus.

Creating an inspiring place to thrive for the talented, we use their expertise and courage to introduce the technology of the future into your business. - This is the foundation of Mindbox and the goal of our business and technology journey. We operate and develop in four areas:

? Autonomous Enterprise - automation of business processes using RPA, OCR, and AI.

?Business Managment Systems ERP - we implement, adapt, optimize, and maintain flexible, safe, and open ERP of production and distribution companies worldwide.

?Talent Network - we provide access to the best specialists.

☁ Modern Architecture - we build integrated, sustainable, and open CI / CD environments based on containers enabling safe and more frequent delivery of proven changes in the application code.

We treat technology as a tool to achieve a goal. Thanks to our consultants reliability and proactive approach, initial projects usually become long-term cooperation. For over 16 years, it has provided various services to support clients in digital transformation.

#LI-Hybrid

We’re seeking meticulous Quality Assurance (QA) Engineers to join our dynamic Quality Engineering team, assuring the next iteration of our cutting-edge SaaS/BaaS product. You will be responsible for the end-to-end quality assurance lifecycle, ensuring a robust and reliable product experience for our clients.

Kraków: 6 days/month from the office

We offer:

• We are open to the employment form according to your preferences
• Work with experienced and engaged team, willing to learn, share knowledge and open for growth and new ideas
• Hybrid or remote working system
• Mindbox is a dynamically growing IT company, but still not a large one – everybody can have a real impact on where we are going next
• We invest in developing skills and abilities of our employees
• We have attractive benefits and provide all the tools required for work f.e. computer
• Interpolska Health Care, Multisport, Warta Insurance, training platform (Sages)

,[Analyzing, assessing and responding to the security vulnerabilities received as part of Bug Bounty Program., Researching and reproducing the security vulnerabilities, Performing the root cause analysis of the security vulnerabilities., Effectively communicating with the internal teams, Effectively communicating with the external security researchers, Working closely with the appropriate stakeholders across departments to help them understand the risks, and the track remediation., Driving improvements including tooling, automation, and setting up processes, Help drive the maturity of Bug Bounty Program by continuously improving quality of our services and removing inefficiencies, in line with wider Cybersecurity strategy., Advise on vulnerability remediation, control implementation and secure development practices] Requirements: Communication skills, Security, Cryptography, Testing, Degree, Excel, iOS, Android, Automated testing, TCP, Protocols, HTML, XML, JavaScript, JSON, REST API, Microservices, DevOps, Static application security testing, Java, C, Swift, Kotlin, OWASP, SAST, DAST, SSL, SAML Additionally: Sport subscription, Private healthcare, International projects, Free coffee.

Kategorie

testing

Odpovědět na inzerát