Security Whitehat Engineer (hybrid/remote)

Security Whitehat Engineer 

Description 

Nordic Recruitment & Consulting offers rare language, IT, data and security recruitment and business consulting, both with strong Nordic focus and reach. Nordic Recruitment & Consulting is the leading source for all Nordic speakers (Finnish, Swedish, Danish and Norwegian) in Bulgaria.

Having long experience in recruitment we value above all those things that make us successful because of our clients, candidates and partners success: trustworthiness, good communication, Can do-attitude, finding solutions, being flexible; being available. We also have genuine passion for what we do.

The client is a leading German Data company. They are a no-nonsense bunch of people, who are result driven and passionate about data, technology and security.

Business Environment

The Framework and Process Industrialization Department is part of SEE-DDS whose mission is to develop e-commerce solutions specific for airlines.

The main purpose of FPI Department is to help developing new technical solutions that will be used for  e-commerce solutions and to help our teams to easily develop and operate our solutions.

Overall Position Objective

We are recruiting a Security professionals to work in a blended team of Research & Development technologists in Java back-end and Front-end side. 

She/he will contribute to the management of information security in the company with focus on providing consultancy to other departments, driving security-centric projects and monitoring security compliance.

She/he will be responsible for planning, coordinating, and implementing security measures for information systems to regulate access to computer data files and prevent unauthorized modification, destruction, or disclosure of information.

Job Requirements

Day to Day You will:

    • Coordinate the elaboration, update, publishing and promotion of the Application security architecture and its strategy.

    • Initiate or support risk analysis, translating their outcome into security policies, requirements, and standards and into consistent and optimized (with respect in particular to cost & effectiveness) set of security controls.

    • Promote and legitimate Application security architecture and strategy.

    • Support Application Security architecture strategy implementation (expertise, design review and approval, design adjustments and ad-hoc palliative measures …)

    • Support the developers in the applying the PCI-DSS

--

Profile

and in all the aspects of the PCI-DSS certification.

    • Support new Projects, new initiatives & businesses with respect to Application security architecture and setup issues: Support or leads the design of corresponding set up. Recommend how to align on security reference architecture and corresponding security controls.

    • Provide consultancy, guidelines and support in Application security architecture to other departments.

    • Contribute to Application security governance processes definition

    • Contribute to global security risk analysis: conduct, coordinate or support security related Risk Analysis management process.

    • Contribute to Application security awareness promotion.

    • Develop, implement, maintain the Information Security Program including computer security and emergency measures policies and procedures.

    • Monitor the Information Security Program effectiveness and update as necessary.

    • Advise and support General Management in all information security related matters, alerting to risks and proposing solutions to minimize them.

    • Promote information security awareness and responsible user behavior.

    • Be comfortable travelling when required.

Education

· Computer Science Degree

· Fluent English both oral and written

Functional Skills

· Knowledge on Ethical Hacking, Webportal testing, network testing, penetration testing.

Technical Skills (considered a plus)

· Programming skills (Java, JavaScript …)

. Security aspects

. HTML-CSS-JS-Angular

Experience

· 2 to 5 years in a technical position

Nordic Recruitment & Consulting's recruitment rights and activities are based upon Recruitment Licence No. 2022 (issued 01.04.2016). Services of Nordic Recruitment & Consulting are fully free for the candidates.