Product Security Engineer [Poland]

Security Poznań, Poland or Remote, Poland


Description

We’re looking for a hands-on Security Engineer to join our growing Product Security team.

The opportunity:

Security engineers at Egnyte are involved in every stage of the SDLC pipeline to highlight security vulnerabilities and provide expert advice on reducing them. By promoting security principles, ongoing penetration testing, and developing “paved roads,” we’re able to provide our customers with a secure and reliable product.

Currently, we’re seeking an engineer who’s well-rounded in terms of application security and has in-depth expertise in one or more particular areas. You’ll be able to apply your skills to interesting challenges—joining Egnyte is an opportunity to work with diverse technologies and large-scale software (1 million users, 20k transactions per second, 28 Petabytes of data).  Working closely with more senior security engineers will enable you to develop your expertise in the wide range of areas of your choosing.

To excel at this role, you need to be passionate about DevSecOps, as it’s something we’re genuinely committed to at Egnyte. Knowledge about cloud platform security practices and interest in developing security tooling are important as well. You will have a chance to develop security-oriented tools and processes from conception to completion.

Your day-to-day at Egnyte:

  • Work with engineering teams providing expertise and advice regarding secure architecture, design, and implementation
  • Develop reliable and scalable security-oriented tools
  • Work with the rest of the Security Data Governance & Compliance team to ensure you achieve team objectives
  • Perform blackbox and whitebox application and network penetration testing
  • Reproduce, score, and further analyze issues reported through our bug bounty programs 
  • Identify opportunities for vulnerability remediation and mitigation
  • Develop tools, documentation, processes, and techniques to ensure the security of our software
  • Partner with engineering teams in the design phase of new products and features to conduct threat modeling, plus security architecture, design, and code reviews
  • Share your experience with junior engineers to foster a culture of excellence 

What skills are we looking for? 

  • 2+ years of application security experience, offensive security preferred
  • Hands-on experience performing security code reviews
  • Familiarity with concepts like Identity, Data protection, Monitoring, and IR in the cloud services space
  • Being able to learn and find bugs in any language, specifically Java, JavaScript, Go, and Python
  • Solid knowledge of security testing tools and techniques
  • Being a strong communicator who is comfortable working cross-functionally, with a track record of delivering results and demonstrating strong ownership.
  • In-depth knowledge of OWASP guidelines
  • Ability to write and deploy your own tools and automation (preferably in Python)
  • Good command of English that allows you to effectively communicate and perform your tasks (B2/C1+)

Bonus Points:

  • Experience as a hands-on developer in Java, Python, or JavaScript.
  • Experience with security assurance for desktop and mobile applications.
  • Experience running penetration testing against cloud-native applications

What we can offer you:

  • Salary up to 18.000 PLN net + VAT depending on skills and experience
  • Flexible forms of employment and working hours
  • 100% remote work possible 
  • Stock options 
  • Your own Egnyte account with lifetime access 
  • 4000 PLN Gross conference budget per person and additional 4 training days each year 
  • MultiKafeteria: you can choose a MultiSport card or gift cards every month
  • Private medical healthcare
  • In-house English classes
  • Choice of equipment (Apple or Dell)