Details

Contract

Full-Time

Location

Krakow, Poland

Department

Information Technology

Openings

1

Job ID

50397253

MAKE HISTORY WITH US! At PMI, we’ve chosen to do something incredible. We’re totally transforming our business, and building our future on smoke-free products with the power to improve the lives of a billion smokers worldwide. With huge change, comes huge opportunity. So, wherever you join us, you’ll enjoy the freedom to dream up and deliver better, brighter solutions and the space to move your career forward in endlessly different directions. JOIN US! WHO ARE WE LOOKING FOR? • Minimum 4 years of experience in ethical hacking/penetration testing/vulnerability assessment/read teaming, preferably in professional services or consulting companies • Professional certifications in ethical hacking (e.g. OSCP, GIAC Penetration Tester, GIAC Web Application Penetration Tester, GIAC Mobile Device Security Analyst) • Proven track record in performing web, mobile and thick client application security testing using well-known methodologies (OWASP, OSMMT or CREST) and techniques (SAST, DAST, IAST, SCA) • Experience in IoT solutions security assessment and penetration testing • Experience in large scale Red Teaming exercises • Demonstrated experience with both automated and manual penetration testing using open source and/or commercial tools • Experience with cloud environments • Knowledge of common web and mobile technologies (e.g. ASP.NET, C#, Java, JavaScript, Ruby, Python) • Good understanding of modern application architectures including microservices, containers, APIs and serverless technologies • Sound knowledge of impact and remediation techniques for vulnerabilities from and outside of OWASP Top 10 • Considerable technical writing proficiency and oral presentation skills, in English • Practical experience in Agile/DevOps organizations and cultures WHAT WE OFFER YOU? • Private medical and dental care, life insurance • Lunch card (Sodexo) • Remote work opportunity and flexible working arrangements • Employee pension plan • Multisport program • Cafeteria program • Wide range of trainings, optional language classes, further education and professional qualification support possibility • Free bike and car parking for all employees HOW CAN YOU MAKE HISTORY WITH US? • Identify cybersecurity vulnerabilities in PMI applications and systems using a wide variety of methods, e.g. static code analysis, dynamic/interactive testing, manual penetration testing and code review • Describe identified issues in the form of reports and ensure that relevant partners understand the risk that those vulnerabilities pose to the Company • Analyze the scope, methodology and results of ethical hacking activities performed by third parties around the presence of vulnerabilities in systems used or to be used by PMI • Follow up with third parties on any inconsistency and ambiguity in the reports to have a reasonable level of assurance over security testing work provided by vendors • Advise IT teams on how to replicate identified cybersecurity issues and remediate them in the most effective and cost-efficient way • Partner with other Information Security leaders to ensure that PMI follows best practices in the application security testing domain by continuously optimizing tools, techniques and methodologies • Keep up to date with the constantly evolving cyber threat landscape and the latest developments in ethical hacking techniques Please note that only online applications will be taken into consideration. Only selected candidates will be contacted.

Apply