Cybersecurity Analyst (Pentester) in Constanţa

SIEM (junior) Ruby (junior) Python (regular) Burp Suite (master) Kali Linux (master) Cybersecurity (master) OWASP (master) SQL Injection (master) Bash (master) Linux / Unix (master) Do you want to join us on an ambitious mission to secure the digital world? Keepit is looking for Cybersecurity Analyst (Penetration Tester) to join our SOC Team in Krakow, Poland! We are growing fast as a company and do our best to bring our SaaS cloud-based backup services to the global audience. Our platform is designed to provide customers with an immutable historical archive of their primary data in systems such as Microsoft 365, Google Workspace, Salesforce, Azure AD, Dynamics 365, and Zendesk. It aims to protect them against everything, from ransomware to simple accidents. Most of our back-end components are written in clean, modern C++ using mainly purpose-built components and STL. Several components that deal with business processes and data mining are built using Common Lisp. Everything runs on Linux. Backing up billions of objects over foreign APIs using imperfect networks on systems with finite memory and making it all happen in as little time as possible, is no small feat. Job summary: We are looking for a skilled Cybersecurity Analyst (Penetration Tester) with experience in web pen testing to join our team. The ideal candidate will possess a strong understanding of web application security vulnerabilities and attack vectors, and be able to perform penetration testing on internal web applications. The candidate will also be responsible for identifying and mitigating security risks across our organization. Central tasks as Cybersecurity Analyst (Penetration Tester) with Keepit will include: Conduct web application penetration testing to identify and exploit vulnerabilities Perform vulnerability assessments on web applications and systems to identify vulnerabilities Develop and implement security policies and procedures Monitor and analyze security events and alerts using SIEM systems Collaborate with IT and development teams to remediate vulnerabilities Keep up-to-date with emerging threats and technologies in the field of information security Provide recommendations for improving the overall security posture of the organization Perform risk assessments to identify areas of potential risk to the organization Work with other members of the security team to respond to security incidents Identify and respond to cyber-attacks Design and implement security controls and measures to protect the organization from cyber threats Conduct security awareness training for employees to educate them on best practices for information security Required skills: Bachelor's degree in Computer Science, Information Security, or a related field At least one year of experience in information security, with a focus on web application security Experience performing web application penetration testing using tools such as Burp Suite, OWASP ZAP, or similar Knowledge of web application security vulnerabilities, such as XSS, SQL injection, CSRF, etc Familiarity with security frameworks, such as NIST, ISO 27001, or CIS Controls Experience with vulnerability scanning and management tools, such as Nessus, and OpenVas Experience with SIEM systems to monitor and analyze security events Ability to effectively communicate security risks to technical and non-technical stakeholders Strong analytical and problem-solving skills Experience with scripting languages, such as Python or Ruby, is a plus Relevant industry certifications, such as OSCP, CEH, or GWAPT, are a plus If you meet these requirements and are passionate about information security, we encourage you to apply for this exciting opportunity. A fair and transparent recruitment process During the recruitment process, you can expect the following stages: HR interview and technical pre-screen Technical interview Technical assignment The final conversation with CTO We offer: A unique working environment where your opinion matters Full-time long-term employment UoP contract Four additional working days of vacation leave per full calendar year (i.e., 30 working days in total) Health Insurance and Life Insurance Employee Capital Plan (PPK) Multisport card compensation Full or partial coverage of professional training sessions, meetups, and conferences on request Cozy office in Krakow city center (Długa, 72) with beverages, fruit, and cookies A hybrid type of work is an option Winter and summer parties, events, team-buildings We kindly ask you not to provide us with any sensitive categories of personal data when applying for a job with us. Sensitive categories of personal data include data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, data concerning health or data concerning your sexual orientation. When applying for the vacancy Keepit will process your personal data, and therefore we recommend that you also read our privacy policy, which describes our processing of personal data and your rights as a data subject.