Ta oferta pracy jest nieaktualna od 86 dni. Sprawdź aktualne oferty pracy dla Ciebie

Senior Application Security Specialist

  • Wrocław, dolnośląskie pokaż mapę
  • Specjalista
  • 2018-11-29

    Pracodawca ma prawo zakończyć rekrutację we wcześniejszym terminie.

    Senior Application Security Specialist
    Workplace: Wrocław
    Ref. no: WRO001X0

    EY GDS:

    EY Global Delivery Services means 27.000 specialists providing globally IT, HR, finance, project management and strategic business services to EY member firms. In addition we deliver support and solutions to clients from all over the world. Cyber Security is one of the most important risks facing businesses today. Systems and processes are becoming increasingly interconnected and automated and many organizations are increasingly reliant upon technology to drive business strategy and growth. 

    EY Technology:

    Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently. We have 250,000 people in more than 140 countries, all of whom rely on secure technology to be able to do their job every single day.  Everything from the laptops we use, to the ability to work remotely on our mobile devices and connecting our people and our clients, to enabling hundreds of internal tools and external solutions delivered to our clients.  Technology solutions are integrated in the client services we deliver and is key to us being more innovative as an organization.

    The opportunity

    As application security specialist for the Security certification team, candidate will be resposibal to conduct application vulnerability assessment of EY applications before they move into production and support the team lead to meet overall security certification goals and client requirements.

    Your key responsibilities

    • Capable of conducting application vulnerability assessments.
    • Preparing detailed review reports and leading strategic initiatives.
    • Researching new security areas and domains.
    • Mentoring new team members.
    • Support the team in updating their skill and knowledge.

    Skills and attributes for success

    • Hands on experience of Web, thick client, Mobile, VOIP, Wireless Application security reviews.  
    • Usage of various security tools. Should be familiar with various application testing methodology and tools such as Burp Professional, Nmap, Wireshark, Nessus, echomirage.
    • Exposure and good understanding of the various manual testing methodologies.
    • Should be familiar with automated scan tool Webinspect.
    • Basic Knowledge of programming language like C/C++, C#, JAVA, ASP.NET and familiar with PERL/Python Scripting.
    • Familiar with OWASP and Secure SDLC standards.
    • Knowledge of common security requirements within ASP.NET & Java  application.
    • Good Knowledge of TCP/IP, Network Security. 
    • Knowledge / experience on code review.
    • Good Technical aptitude, problem solving and ability to quickly learn and master new topics and domains.
    • Excellent communication skills; written and verbal.

    To qualify for the role you must have


    • Bachelor's degree in a technical discipline such as Engineering or Computer Science or equivalent work experience in IT and Information Security.
    • 4 - 5 yrs experience in application security assessment.
    • Hands on experience of Web, thick client, Mobile Application security reviews.
    • Exposure and good understanding of the various manual testing methodologies.

    Ideally, you’ll also have

    • Desirable:  IT security Certifications (CEH. ECSA, OSCP).