NIX Tech, a global supplier of software engineering and IT outsourcing services, is looking for an Application Security Engineer in its office in Budapest (Váci Greens, 13th district). You’ll be part of a team of professionals who are ready to find the best tailor-made IT solutions for their multinational clients in various industries and solve complex problems.
Role and Responsibilities:
– Perform web and mobile application vulnerability assessments and penetration testing activities
– Effectively communicate and coordinate with engineers, leads, and stakeholders to deliver quality and security to the product
– Write client reports with your findings and recommendations using your top-notch English writing skills and exceptional attention to detail
– Provide support to product owners in fixing vulnerabilities
– Triage SAST and DAST scan findings
– Participate in the development of team processes
– Train and educate developers and teams in secure coding techniques, including using supporting toolsets and enabling them to self-service
– Continuously develop professional knowledge and skills
Required Technical and Professional Expertise:
– 3+ years of professional experience with web and mobile application security and at least 1 year of ethical hacker/pentester experience
– Strong knowledge of web and mobile security fundamentals
– Solid understanding of testing methodologies (OWASP WSTG/MSTG or similar application security methodologies)
– Strong understanding of web applications’ most critical security risks (OWASP Top 10)
– Solid knowledge of the various vulnerability types, their root causes, exploitation techniques, and mitigation patterns
– Hands-on experience in web vulnerability finding and exploitation
– Hands-on experience in software application security and standard penetration testing tools: Kali Linux, Burp Suite, Metasploit, Nmap (NSE), Acunetix, etc.
– Knowledge of IT technologies: network protocols, web, cloud, operating systems, database systems, etc.
– Basic knowledge of one or more multi-platform scripting languages (e.g., Python)
– Experience in software development practices and methodologies (SDLC)
Nice to Have:
– Programming/development experience
– Knowledge of pipeline and CI/CD principles and embedding security across the CI/CD roadmap (SSDLC)
– Understanding and hands-on experience in cloud security (AWS/Azure)
– Experience in threat modeling activities
– Bug bounty experience
– Awareness of privacy and security regulations and compliance frameworks
– Relevant certifications such as OSCP, CEH, CompTIA PenTest+, etc.
What we offer:
– Stable long-term work environment
– Comfortable office in the 13th district of Budapest (Váci Greens)
– Every necessary tool and device in the office will be provided to comfortably perform all project tasks: computers, meeting rooms, spacious modern kitchens with professional coffee machines, comfortable recreation areas with game consoles, board games, and a selection of literature for every taste
– Paid English courses and conversation clubs
– Opportunities for professional and personal growth
– Mentoring program, internal and external professional training programs
– Support and care from our friendly team