Application Security & Vulnerability Analyst

Information Security is one of the most interesting professions on the planet. It requires a strong combination of the attacker mentality, a defensive mindset and the ability to constantly observe and adapt to change. We can provide this challenge if you decide to join our team at Banca Transilvania. We can also help you accomplish the transition if you’re coming from an adjacent background. You will be working with state of the art tools and will be having plenty of time to learn along the journey so please don’t get discouraged by the ideal requirements, we are eager to meet you.

We are looking for a gifted colleague with background in software development who knows about infrastructure and network security and is willing to work with a cross-skilled security team.

You will have regular contact with business stakeholders, project managers, DBAs, development, infrastructure and network teams to ensure that projects meet the security standards.

You will also conduct vulnerability assessments for networks, applications and operating systems.

To perform in this role, we would like you to have:

• Programming skills or knowledge about any of the following: JavaScript, Java, .NET, PHP, C, Python
• Security, Automation and DevSecOps mentality plus knowledge about Security as Code
• Communication and strategic thinking to create the right environment for pushing the recommendations to the teams you will be working with
• Good understanding of Vulnerabilities, Management and Patching Lifecycle
• General knowledge about Operating Systems (Windows, UNIX, Linux), Web-servers, Load balancers, Firewalls, Network, Infrastructure, Databases, Authentication systems, Hardening

Nice to have:

• Experience with Agile and Jira to collaborate with business and technical teams for resolution and mitigation of detected issues
• Interest to keep up with emergent security trends and exploits
• Understanding of web related stack and security concepts, knowledge of Virtualized/Cloud Computing environments and security issues related to those environments
• Solid understanding of OSI Model and OWASP Top 10 Web Application Security Risks

If you’ll join our team, you will be challenged to:

• Collaborate with other teams to gather information about application architecture, systems and assets
• Review projects from a security standpoint
• Make sure specific requirements are implemented within the projects
• Identify critical flaws in applications and systems that cyber attackers could exploit
• Propose controls for reducing vulnerabilities to an accepted level
• Present your findings in a comprehensive, prioritized list
• Incorporate feedback from vulnerability team while interacting with other teams
• Make recommendations for remediation and verify the implementation
• Manually validate report findings to reduce false positives

Your contribution will bring great value to the overall security of Banca Transilvania and hopefully it will inspire you to take action and join us aboard.