Oferta pracy

Head Application Security Expert

T-Mobile

  • offer expired a month ago
  • B2B contract
  • full-time
  • expert
  • home office work, hybrid work
  • remote recruitment
  • запрошуємо працівників з України
ukrainian-friendly-overlay
Запрошуємо працівників з України
Роботодавець відкритий для працевлаштування громадян України

T-Mobile

Marynarska 12

Mokotów

Warszawa

Technologies we use

Expected

  • Java

About the project

Joining Security Tribe will offer you the space to develop yourself professionally and personally!

You will join a team that is willing to share knowledge and is counting on you to do the same :)

Your responsibilities

  • Identify opportunities to automate and standardize application security controls and cooperate with the CICD team

  • Analyze source code to mitigate identified weaknesses and vulnerabilities

  • Create guidelines and application security standards

  • Review and check automated security testing results

  • Perform software architecture design reviews for both on-prem and cloud deployments

  • Work with engineering teams to help architect and implement solutions that are secure by design

  • Define, document, and supervise implementation of security guidelines and standards

  • Build frameworks and libraries to provide security by default

Our requirements

  • 4+ years of full-time commercial application security experience

  • 4+ years of experience in software development, ideally Java & JavaScript in cloud environment

  • Experience in architecting and building application security on modern tech stacks across multiple platforms (web, mobile, desktop)

  • Prior experience in performing threat modelling and secure design reviews

  • Familiarity with cloud services and their security best practices and secure design patterns - AWS especially

  • Kubernetes and containerization security know-how

  • Knowledge of common appsec vulnerabilities like OWASP Top 10 and cloud security gaps

  • Knowledge of standards like OWASP Testing Guide, OWASP ASVS, NIST and SANS top 20

  • Proficiency in modern and common web stack technologies (HTTP, HTML5, AJAX, REST, ...)

  • Understanding of basic cryptography (encryption, hashing, MACs, digital signatures, TLS, password storage) and how they are applied in web applications

  • Knowledge of protocols (OAuth, SAML, OIDC), flows and best practices

  • At least basic know-how in networks

Optional

  • Application Security related certificates

  • Cloud (Security) related certificates

What we offer

We offer the possibility of remote work and benefits that you can read about below.

  • Benefits

  • sharing the costs of sports activities

  • private medical care

  • sharing the costs of professional training & courses

  • life insurance

  • remote work opportunities

  • flexible working time

  • corporate products and services at discounted prices

  • mobile phone available for private use

  • no dress code

  • parking space for employees

  • extra social benefits

  • sharing the costs of tickets to the movies, theater

  • holiday funds

  • birthday celebration

  • sharing the costs of a streaming platform subscription

  • employee referral program

  • charity initiatives

  • extra leave

  • platforma benefitowa

Recruitment stages
1

Send CV

2

Meet your future Team Leader

3

Job offer

T-Mobile

We are a technology company, and our goal is to create innovative solutions for individual and business clients.

At T-Mobile, we all live in a magenta world! This color is close to our hearts and means faith in the success of undertaken actions, self-confidence, and endurance.

That’s who we are as a team.

At #MagentaTeam , we focus on exchanging experiences, agile work, and quick adaptation to changes! #MagentaTeam is, above all, a mix of different competencies, experiences, personalities, temperaments, and views. And this diversity is our greatest strength.

Scroll to the company’s profile