WE ARE
SoftServe is a global digital solutions company with headquarters in Austin, Texas, founded in 1993. Our associates are currently working on 2,000+ projects with clients in the USA, Europe, and the APAC region. We are about people who create bold things, make a difference, have fun, and love their work.
Critical Services Center of Excellence (CoE), as a subdivision of SoftServe, is a team of highly professional folks with the primary focus on technology, covering software architecture, startups, and enterprise technologies.
We have a proactive approach while consulting our clients on security management and analyzing the entire infrastructure on multiple layers. In this way, we design an efficient security strategy following the security standards (ISO27k, CIS Benchmarks, NIST, SOC2, HIPAA, PCI DSS, etc.) and considering the client’s short- and long-term goals.
Our comprehensive solution provides exceptional visibility of analyzed security risks, complies with international standards, helps to pass the compliance certification audits, and gives instructions to achieve the desired level of data protection.
Cybersecurity team members are located in Poland, Ukraine, Spain, and other European countries.
IF YOU ARE
- An expert with 5+ years in cybersecurity testing, and practical knowledge across various security domains : Mobile Security, Web Assessment, Network Infrastructure, Cloud Security, binary security (reverse engineering and exploitation would be nice to have)
- Skilled in identifying security vulnerabilities in platforms and providing actionable recommendations to mitigate risks effectively
- Experienced in DAST & SAST & IAST methodologies
- Aware of industry threats, vulnerabilities, and standards : OWASP Top 10 / SANS 25, PCI, HIPAA, GDPR
- Experienced with binary fuzzing, network protocol analysis, investigating unknown security vulnerabilities (0-days) or reproducing the known ones (1st days)
- A holder of security certifications : CISSP, CISA, CEH, OSCP, OSCE, or other security credentials
- Exceptional in both verbal and written communication, capable of leading and influencing virtual teams
- Fluent in English at an upper-intermediate level and comfortable in a multicultural environment
AND YOU WANT TO
Perform penetration testing for networks, infrastructure, and various applications, including web, mobile, web services, and thick client applicationsConduct security audits of applications and infrastructure, including design reviews, source code analysis, integration assessments, and security requirement evaluationsExecute Red Team activities, such as social engineering and security incident simulations, to assess incident response effectivenessDevelop and implement threat modeling processes to identify potential security risks early in developmentCollaborate with development teams to integrate security throughout the SSDLC, promoting secure coding standards and best practicesLead and mentor a team focused on application security, guiding secure coding practices, threat modeling, and risk assessmentsLead pre-sales efforts and recommend the best security approaches based on client business needsInvestigate industry trends, emerging threats, and best practices to continuously improve security postureTOGETHER WE WILL
Work with the world-leading companies and people on a wide range of projects and clientsHave a variety of projects with different types of needs and requirementsOperate towards a highly independent position with total ownership and accountability, but also support when neededGet a great deal of learning and development opportunities along our structured career pathBuild strong security expertise and make this world more secure