Web Application Security Specialist (DAST), Gdynia

We are looking for an Application Security Engineer (DAST), to help out Strategy and Transformation team in TISO get fast paced in their undertakings. This is an opportunity for you to work in a fact-pacing environment and protect the bank.
Machine learning, robotics, cloud computing. We’re harnessing the power of technology to reinvent the future of banking. A digital revolution is underway – joining us puts you at the heart of it.
Working with skilled, international teams in a fast-paced, agile environment, you’ll play a part in making us truly digital. We all have a role in building the best bank that serves our customers’ changing needs – through innovative solutions, collaboration and partnering with fintechs.
Are you ready to embark on a learning journey where we lead the way and push the limits in transforming the future of banking?

Your future responsibilities

You’ll join Technology Information Security Office, where we protect the bank. 
What you’ll be responsible for: 
  • Execute Dynamic Application Security Testing (DAST) for clients’ applications and infrastructure 
  • Apply automated testing methods to detect security related weaknesses  
  • Onboarding of Web Applications based on different technologies to DAST tool 
  • Dynamic Application scanning, scanning configuration, and vulnerability testing 
  • Security testing of Web Services (SOAP, RESTful) 
  • Read and interpret vulnerability assessments including testing methodology and results 
  • Identifying, communicating, and providing targeted remediation of vulnerabilities 
  • Collaborating with technical and management personnel across whole organization 
  • Delivering regularly aggregated reports of vulnerability findings to line manager 
The role is based in Gdynia, Poland.  

Who you are

Collaboration. Ownership. Passion. Courage. These are the four key values that guide us in being at our best. We imagine that you enjoy learning and are excited about bringing your ideas to the table. You’re dependable, willing to speak up – even when it’s difficult – and committed to empowering others.
Your profile and background: 
  • 0-3 years of experience in Dynamic Application Security testing and associated tools like : Burp, Selenium IDE or Qualys WAS 
  • Understanding of Internet Fundamentals - HTTP, SMTP, SSL, Firewalls, Web Servers, etc. 
  • Basic understanding of key Networks/networking concepts (servers, routers, switches, TCP/IP, OSI model, DNS,) 
  • Basic network troubleshooting (ping, traceroute, whois, netstat, dig), and knowledge of web server troubleshooting (e.g. telnet, curl, wget, wireshark, and ssh) 
  • Knowledge about multiple web application architectures including REST APIs and Single Page Applications 

Nice to have requirements, but not mandatory: 

  • Understanding of security audit process 
  • Experience in development of security-related documentation 
If this sounds like you, get in touch! 

More information

At nordea.pl, you can read more about us and the benefits you’ll get when joining the Nordea team. 
At Nordea, we recruit from the widest possible pool and hire the best person for the job. Because diversity makes us stronger. And once you are on board, you will find that we offer equal opportunities to everyone. 
Please submit your application no later than 12 June 2019. 
Great people often know great people – please share if you have a friend who could be a perfect match for this job.  
To all recruitment agencies: Please note, we don’t accept unsolicited resumes for any of our positions. All contact regarding agency resumes should be directed to Nordea Talent Acquisition which handles everything related to recruitment.
Please include permit for processing personal data in CV as following:  
In accordance with art. 6 (1) a. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) hereinafter ‘GDPR’. I agree to have my personal data proceeded for the purposes of current and future recruitment processes in Nordea Bank Abp Branch in Poland.  
The administrator of your personal data is: Nordea Bank Abp Branch in Poland, Aleja Edwarda Rydza Śmiglego 20, 93-281 Łodź. Your personal data will be processed for the recruitment processes in Nordea Bank Abp Branch in Poland. You have a right to access your personal data, right to rectify and right to delete. Disclosing the personal data in the scope specified by the provisions of Polish Labour Code from 26 June 1974 and executive acts are mandatory. Providing additional personal data is voluntary however necessary to conduct the recruitment processes. The request for the deletion of your personal data means resignation from further participation in recruitment processes and causes the immediate removal of your application. Detailed information concerning processing of your personal data can be found at: http://nordea.pl/odo.pdf 
We reserve the right to reply only to selected applications.