Details

Contract

Full-Time

Location

Albarraque, Portugal

Department

Information Technology

Openings

1

Job ID

51570750

At PMI (Philip Morris International), we have chosen to do something incredible. We are totally transforming our business and building our future on smoke-free products with the power to deliver a smoke-free future. With huge change comes huge opportunity. So, wherever you join us, you’ll enjoy the freedom to dream up and deliver better, brighter solutions and the space to move your career forward in endlessly different directions. PMI’s journey to a smoke-free future is fueled by technology. The total transformation we are going through means that there are unique IT projects here to match all levels of skills and ambitions – from pace-setting global pilot projects to vital local updates. Whether you want to pursue a personal passion or build an international career, there’s space here to develop in any number of directions. To join us in IT you will need to be driven and equally happy whether you are taking the strategic view or diving deep into processes. We will make sure you are set up to succeed whatever your project is, our culture is agile and collaborative, and we genuinely believe our people are some of the best you will ever work with. THE RESPONSIBILITIES • Identify potential threats by performing threat modeling, architectural design review, source code review, dynamic application security tests (pen test) for the web, mobile and infrastructure • Coordinate Security assessments and remediations with internal and external Software Engineering Teams • Engage in product features development by leveraging your Security Expertise to shift left activities related to cybersecurity risk assessment • Keep yourself updated on trends and risks related to Information and Application Security and provide guidance for security policies and standards • Coach Security Champions in Engineering Teams to raise awareness on Application Security best practices by • Collaborate with other Security experts in the organization to define training paths, automation tools configuration, reviewing automated static code analysis results. • Participate in design and requirement reviews and providing design solutions that allow the application to maintain security without losing functionality. Incorporate design solution in Development, DevOps and Architectural best practices. • Conduct application-level penetration testing and independent reviews of source code repositories. • Review and improve security architecture of our Products. • Perform security assessments of the Group applications on a recurrent basis to ensure security requirements are being met. Providing security sign-off of applications being moved to live environments. • Conduct source code and dynamic application security reviews in relevant languages (Java, Kotlin, Python, .NET, Go, TypeScript, JavaScript). • Define security test cases during test automation and develop new tools to improve the security of the group gaming application • Customer-oriented person, with the ability to educate and influence a technical audience on Application Security matters • Good understanding of HTTP protocols, security controls, API design and security testing   EXPERIENCE: • University degree (Computer Sciences, Information Systems, Engineering, Business Administration or equivalent) • Relevant experience in a similar role • Understanding key processes in Cloud technology • Experience working in an iterative approach to innovation. • Fluency in written and spoken English.   TECHNICAL SKILLS • Identity and Authentication standards such as FIDO and OAuth • Understanding of cryptography • Penetration testing consultancy • Source code reviews • Vulnerability management and identification, including extensive OWASP knowledge • Application security assessments (source code and dynamic) • Automation • Vulnerability research • Security tool development • Experience with static source-code analyzers • Experience with dynamic application security testing tools • Experience with Web-Application Firewalls (WAF) • Software and protocol reverse engineering What you can expect from the company? Our success depends on people who come to work every single day with a sense of purpose and an appetite for progress. Join PMI and you can too: • Seize the freedom to define your future and ours. We will empower you to take risks, experiment and explore. • Be part of an inclusive and diverse culture where everyone’s contribution is respected; collaborate with some of the world’s best people and feel like you belong. • Pursue your ambitions and develop your skills with a global business – our staggering size and scale provides endless opportunities to progress. • Take pride in delivering our promise to society: to deliver a smoke-free future. WHAT WE OFFER YOU? • Private health insurance for you and your household; • Life Insurance; • Employee pension plan; • Lunch card (Ticket); • 26 vacations days; • Wide range of trainings.

Apply