Responsibilities

Performs web and mobile applications vulnerability assessments and penetration testing activities.

Effectively communicate and coordinate with engineers, leads and stakeholders to deliver quality and security to the product.

Write client reports with your findings and recommendations using your top-notch English writing skills and exceptional attention to detail.

Provides support to product owners in fixing vulnerabilities.

Triage SAST and DAST scans findings.

Participates in development of team processes.

Train and educate developers and teams in secure coding techniques including use of supporting toolsets and enable them to self service.

Continuously develops professional knowledge and skills.

WHAT WE EXPECT FROM YOU / REQUIREMENTS:

3+ years of professional experience with web and mobile application security, and at least 1 year of ethical hacker/pentester experience.
Strong knowledge of web and mobile security fundamentals.
Solid knowledge of testing methodologies (OWASP WSTG/MSTG or similar application security methodologies).
Strong understanding of the most critical security risks to web applications(OWASP Top 10).
Solid knowledge of the various vulnerability types, their root cause, exploitation techniques and mitigation patterns.
Hands-on experience in web vulnerabilities finding and exploitation.
Hands-on experience in application security testing software and common penetration testing tools (Kali Linux, Burp Suite, Metasploit, Nmap (NSE), Acunetix, etc.).
Knowledge of IT technologies (network protocols, Web, clouds, operating systems, database systems).
Basic knowledge of one or more multiplatform scripting languages (eg. Python).
Experience in software development practices and methodologies (SDLC).

WILL BE A GREAT PLUS:

Programming/development experience.

Knowledge of pipeline and CI/CD principles. Embed security across the CI/CD roadmap (SSDLC).

Understanding and hands on experience in cloud security (AWS/Azure).

Experience in threat modeling activities.

Bug bounty experience.

Awareness of privacy and security regulations and compliance frameworks.

Relevant certifications such as OSCP, CEH, CompTIA PenTest+, etc.

NIX is a global supplier of software engineering and IT outsourcing services

NIX teams collaborate with partners from different countries. Our specialists have experience in developing innovative projects from ecommerce to cloud for some of the largest companies in the world, including from the Fortune 500. The teams are focused on stable development of the international IT market, business, and their own professional skills.

Internet Services and Software

Logistic

Medicine

E-commerce

Education

Finance and Banking

WE OFFER:

Stable long-term work environment.
Private health insurance (Medicover).
Paid English courses and conversation clubs.
Opportunities for professional and personal growth.
Mentoring program, internal and external professional training programs.
Comfortable office in the 13th district of Budapest.
Every necessary tool and device in the office will be provided to comfortably perform all project tasks: computers, meeting rooms, spacious modern kitchens with professional coffee machines, comfortable recreation areas with game consoles, board games, and a selection of literature for every taste.
Support and care from our friendly team.

NIX Gallery

Become a part of the NIX team

Get Familiar with our similar vacancies

Hot 🔥

#Security

Application Security Engineer

Learn More

Application Security Engineer

WHAT WE EXPECT FROM YOU / REQUIREMENTS:

3+ years of professional experience with web and mobile application security, and at least 1 year of ethical hacker/pentester experience.

Strong knowledge of web and mobile security fundamentals.

Solid knowledge of testing methodologies (OWASP WSTG/MSTG or similar application security methodologies).

Strong understanding of the most critical security risks to web applications(OWASP Top 10).

Solid knowledge of the various vulnerability types, their root cause, exploitation techniques and mitigation patterns.

Hands-on experience in web vulnerabilities finding and exploitation.

Hands-on experience in application security testing software and common penetration testing tools (Kali Linux, Burp Suite, Metasploit, Nmap (NSE), Acunetix, etc.).

Knowledge of IT technologies (network protocols, Web, clouds, operating systems, database systems).

Basic knowledge of one or more multiplatform scripting languages (eg. Python).

Experience in software development practices and methodologies (SDLC).

NIX is a global supplier of software engineering and IT outsourcing services

WE OFFER:

Stable long-term work environment.

Private health insurance (Medicover).

Paid English courses and conversation clubs.

Opportunities for professional and personal growth.

Mentoring program, internal and external professional training programs.

Comfortable office in the 13th district of Budapest.

Every necessary tool and device in the office will be provided to comfortably perform all project tasks: computers, meeting rooms, spacious modern kitchens with professional coffee machines, comfortable recreation areas with game consoles, board games, and a selection of literature for every taste.

Support and care from our friendly team.

NIX Gallery

Become a part of the NIX team

Get Familiar with our similar vacancies

Application Security Engineer