- Notera att ansökningsdagen för den här annonsen kan ha passerat. Läs annonsen noggrant innan du går vidare med din ansökan.
Give yourself an outstanding opportunity to develop and form a career in a dynamic and international environment. We are now looking for a Security Analyst to join us at G+D Mobile Security for a permanent position based in Stockholm.
Your future tasks
In this role at G+D you will perform security architecture reviews and code inspections to identify application security vulnerabilities. We are looking for a driven person, who naturally takes initiative and ownership. It is important you have the ability to see issues on a system level and are experienced in working as a team player in globally distributed teams.
This is a strategically important role for us since you will be consulting the development teams on security issues and be responsible to report security investigation results and evaluation of related security risks. Moreover, you will also do:
- Execution of security analyses based on global security standards (esp. OWASP ASVS) and specific stakeholder security requirements
- Execution of logical software attacks / penetration tests against client-server applications within a globally structured R&D organization
Who are you?
- University degree in engineering, mathematics, physics or computer science
- Hands on working experience as a Security Analyst or Pen Tester
- Professional knowledge or certificate of relevant Security Standards (OWASP ASVS, GSMA, PCI, NIST)
- Experience with automated and manual Security Inspections in software development environments
- Experience in Threat and Vulnerability Assessment technologies and methods
- Professional experience in Penetration Testing, common security tools (Kali, ZAP,...) and analysis tools (e.g. SonarQube, Black Duck)
- Profound knowledge in Web, Client/Server and Cloud based technologies (REST, SOAP, JWT, Azure, Angular, SAML, OAuth, OIDC)
- Solid know-how in different Operating Systems, virtualization systems and frameworks (Linux, Windows, Spring, Docker, Kubernetes)