A Pentasia client and their group continues to develop and deliver best-in-class gaming products and experiences.
The Information Security Engineer will support the business with design, testing, and (where necessary) implementation of state-of-the-art secure application systems.
This person must have the ability to work in a team environment with analysts, management, regulators, vendors and customers. Clear communication skills are highly valued for this role.
About the Team
The Security Penetration Tester is an important member of the information Security team. Our client's Information Security Team is responsible for making sure all products are designed and implemented to the highest security standards.
The task at hand:
- Work with various departments to determine what projects require security testing.
- Prioritise, plan and execute penetration tests.
- Perform security tests on internal and external infrastructure.
- Test the security of web applications, mobile applications.
- Simulate security breaches to test a system's relative security.
- Create reports and recommendations from your findings, including the discovered security issues and their level of risk.
- Advise on methods to fix or mitigate security risks for systems.
- Present your findings, risks and conclusions to management and other relevant parties based on their level of knowledge.
- Consider the impact your 'attack' will have on the business and its users.
- Understand how the flaws that you identify could affect a business, or business function, if they're not fixed.
An ideal profile might look like:
- Experienced in participating in and supporting Application Security reviews
- Understanding of threat modeling, including code review, static and dynamic testing.
- A curious person that always wants to learn and understand how to break different technologies, new and old.
- Someone that can work unsupervised, proactive and likes to share information.
- Someone who is comfortable to express themselves in English, both spoken and written.
- Profound understanding of Application Security vulnerabilities and attack techniques described in frameworks such as OWASP Top 10 and MITRE ATT&CK.
- A good understanding of network and web related protocols (such as TCP/IP, UDP, IPSEC, HTTP, HTTPS, protocols).
- A profound understanding of REST, GraphQL and related technologies.
- Extensive experience reviewing code for security issues.
The Perks - Onsite/Remote dependant:
- A competitive base salary
- Continuous leadership development to set you up for success and growth within the role
- A range of training courses, known for continuous learning
- Access to some of the greatest tools and platforms out there
- An incredibly diverse team of smart, motivated colleagues from more than 30 countries
- Private health insurance
As our offices are based in Europe we will only be considering candidates within a similar timezone for this role. Please only apply if you intend to work remotely from +/- 3hour of CEST