Security Specialist

Prague, Czechia

Applications have closed

Ataccama

Accelerate your organization’s business initiatives with trusted, high-quality, governed data.

We’re developing a next-generation B2B data governance platform that enables some of the biggest companies around the world to manage and govern their data with ease. Sound like something you want to be part of? Join our Offensive Security team and help us make our software more robust, reliable, and secure.
Not based in Prague? If you’re open to either remote cooperation or relocation, reach out to us anyway to find out what the options are.

Your challenge

  • Focus on security for application scenarios and application deployments both in cloud & on-premise. 
  • Help us to identify potential vulnerabilities in our product architecture.
  • Design, execute, and validate penetration tests.
  • Keep learning and apply new knowledge in real-world security scenarios.

Is this you?

  • You have experience with web application penetration testing according to the OWASP ASVS standard and "out of the box" standard.
  • You know at least one programming or scripting language (Python, Bash, ...) well enough to write proof-of-concepts, automation scripts, or offensive security/pentesting tools.
  • You are strong in cloud security principles and technologies (Azure, AWS, ...)
  • You have knowledge of attacks / malicious techniques (SQL Injection, CSRF, Clickjacking, XML external entity injection, etc.).
  • You have knowledge of symmetric and asymmetric cryptography. 

Skills and technologies

  • OAuth, OIDC, SAML
  • PKI, SSL / TLS, certificates
  • LDAP, Active Directory, federation
  • SSO (including environments with reverse proxies)
  • Security-related HTTP headers (X-Frame-Options, Content-Security-Policy, Strict-Transport-Security, etc.)
  • Kerberos

Bonus knowledge

  • Security-oriented certification is an advantage (SANS, Offensive Security, eLearnSecurity and/or similar)
  • SOC2, NIST Standards, CIS Benchmarks, ISO 27001, GDPR
  • OWASP, ASVSv3, CVSSv3
  • Spring Security, Keycloak

You. Shall. Not. Pass.

Perks & Benefits

  • Flexible working hours and unlimited home office
  • 5 weeks of vacation, 2 sick days, an additional personal day for each year you’re in the company
  • Personal & professional development, education (online language and other courses, conference tickets, a well-stocked office library)
  • Experienced team to support your professional growth
  • “Unlimited playground” (room to adjust and expand your role, or switch teams based on your individual skills and interests)
  • Lucrative employee referral program
  • Modern hardware/equipment (laptop, mobile phone, headphones, office chair, desk, monitor for your home office)
  • 20/50 GB of mobile data to improve your home office work experience
  • Annual package of counseling sessions to support your mental health & well-being
  • FlexiPass/Multisport card, free entrance to the Prague Zoo and Botanical Garden
  • Employee appreciation gifts throughout the year
  • Relaxed work environment, offices in Karlín
  • Office bikes, skateboards, and electric scooters
  • Great coffee and refreshments in the kitchen

Regions: Remote/Anywhere Europe
Country: Czechia