About the role
This Security Testing Engineer role at If is focused on performing and enhancing security testing for production applications and systems. You'll be deeply involved in offensive security activities, including penetration testing and vulnerability assessments, while also serving as an internal consultant. This involves sharing knowledge, creating guidelines, and providing training to development teams and other IT stakeholders to improve overall security practices.
The position offers an inspiring and flexible work environment within a modern hybrid IT setting, allowing for significant professional growth and development. You'll work in an informal, performance-oriented culture where each day brings new challenges and learning opportunities, making it an excellent fit for a seasoned professional eager to make an impactful contribution to cybersecurity.
.
What are you going to do?
- As a security testing expert, you’ll conduct and participate in offensive security tests against If’s applications and systems.
- Assess security maturity of networks, assets, hardware, platforms, and applications from adversary point of view.
- Plan security testing roadmap.
- Run and maintain automated security scan solutions and attack surface management tools
- Report on and prioritize findings to development teams, vendors and other stakeholders
- Support Site Reliability Engineers team and collaborate with development teams to address security defects before, after and during development.
- Develop and maintain tools and techniques for security testing and attack surface management.
- Communicate new developments, breakthroughs, challenges, and lessons learned to relevant team members and leadership.
- Participate in developing internal processes and frameworks around security testing.
- Lead and collaborate on additional projects, assignments or initiatives as required.
- Show commitment to learning and the never-ending curiosity of all things related to security.
What do we expect from you?
Must have
- Related certificates (e.g., OSCP) are considered as an advantage
- Overall understanding and hands-on experience of IT services, operations, infrastructure, and application development
- At least two years performing security testing as a primary job responsibility, including the use of professional penetration testing tools (e.g., Burp Suite)
- Sound understanding of application and network security vulnerabilities (e.g., OWASP Top 10), defense techniques and security best practices
- Experience with modern application development languages and frameworks (e.g., Node.js, Java, Python, React, Angular).
- Basic scripting skills in PowerShell and Visual Basic are considered as an advantage.
- Systematic problem-solving approach coupled with strong communication skills and a sense of ownership and drive.
- Day-to-day responsibilities require a good/excellent level of English to communicate with clients and colleagues from other countries.
- Suitable degree (e.g., Bachelor's degree in Computer Science or a related field)
Our promise to you
- Monthly salary: €3500 – €5000 gross depending on your qualifications
- Various financial benefits: annual bonus, discounts on our products for you and your family, gifts, etc.
- Job location: Riga (hybrid working model)
- Challenging and exciting projects with autonomy to plan own tasks
- Personal development and training opportunities
- Strong company culture: company events, interesting speakers, and other inspiring initiatives
- Care for your health: health insurance, fruits in the office
- Extra vacation days
- A recently renovated office in Riga centre with a 24/7 gym on the premises
- Compensation for an ergonomic home office
Read more about benefits for our employees
In case of further interest, we will contact you within 2 weeks after the deadline.
The information you provide in your application and CV will be processed for recruitment purposes within If Group and shall not be used in other contexts or by other organizations.
About If P&C Insurance Ltd
At If Insurance, we serve 3.7 million customers in the Baltic and Nordic countries. Our Baltic IT department comprises ~35% of our total IT specialists. They excel in solution development, testing, infrastructure maintenance, security, UX, and more. This ensures top-notch solutions for our Scandinavian and Baltic customers and a stable work environment for all If employees.
Our in-house IT solutions enable a comprehensive understanding of customer needs.