Senior Web / API Security Engineer

Senior Web / API Security Engineer
[online recruitment]
Location: Krakow
Reference number: VR-56605
Project Description:

Our client is an IT services and operations processing provider for Private Banking entities of the financial Group. Our experienced teams are dedicated, determined and enthusiastic in using their capability and drive for innovation to design, build, maintain and run the delivery of an exceptional and sustainable service to Private Banking clients. The Private Banking entities offer high net worth clients a comprehensive range of private banking, wealth planning and investment management services through the all our brands as well as to designated investment banking clients in the UK and internationally. To anticipate and respond to changing client demand, there is a growing emphasis on delivering a full range of innovative digital services.

Responsibilities
  • Technical business analysis and requirements gathering to support the Open Banking product-lifecycle
  • Requirements engineering and solution design for and around Open Banking BIAM and web security
  • Guarantee a secure application environment as well as platform resilience and performance
  • Analyse incident related errors and implement corrective measures to keep the SLA for our stakeholders
  • Active support of the entire product life-cycle, ensuring IT solutions are not only fulfilling business requirements and regulatory requirements, but are also technically feasible, sustainable and fit-for-purpose
  • Reverse engineering work in already existing and running security solutions and technology stacks
  • Close collaboration with business and technology teams providing them MI reports and data analytics
  • Design, development and implementations of proof-of-concepts and prototypings
Skills

Masters degree in Computer Science, Information Systems or a related field

Good understanding of APIs security: Cryptography, Authn & Authz, Federation, as well as OWASP (TOP 10 vulnerabilities & controls)

Must have understanding of SecDevOps culture and tools (GitOps, CI/CD).

Strong experience in Application Security (threat modelling & risk analysis, secure build testing) and deployment of tools (SCA, SAST, DAST)

Previous experience in Penetration Testing and application code security reviews would be an asset.

Ability to provide innovative, creative solutions to tasks/problems following best practices

Strong analytical, problem-solving and communication skills required

Balance a self-motivated, independent work as well as strong team spirit

Our offer
Career and Professional Development
  • International projects for clients all over the world
  • Competitive salary
  • Individual development plan
  • Managerial Targeted Training programs
  • BRIDGE Mentoring Program
  • Luxoft Training Center
  • Language Classes
  • Self-learning online library
  • Global Relocation Program
  • Internal Mobility (a chance to gain experience in varied projects and technologies)
  • Professional communities for knowledge-sharing (Agile, Tech, Business)
Well-being
  • Group Life Insurance
  • Travel Insurance
  • Private Healthcare (dental care, unlimited consultations of specialist physicians)
  • Medical costs reimbursement for employees
  • Benefit Program (Cafeteria and Multisport Card)
Work-Life Balance
  • LuxGood Program (a wide range of health and well-being initiatives)
  • After-hours groups (sport, trips, board games, cultural activities)
  • Company and Team events
  • BeLux - discount offers program (banking, car leasing, other)
  • Convenient locations in modern offices
Career and Professional Development
  • International projects for clients all over the world
  • Competitive salary
  • Individual development plan
  • Managerial Targeted Training programs
  • BRIDGE Mentoring Program
  • Luxoft Training Center
  • Language Classes
  • Self-learning online library
  • Global Relocation Program
  • Internal Mobility (a chance to gain experience in varied projects and technologies)
  • Professional communities for knowledge-sharing (Agile, Tech, Business)
Well-being
  • Group Life Insurance
  • Travel Insurance
  • Private Healthcare (dental care, unlimited consultations of specialist physicians)
  • Medical costs reimbursement for employees
  • Benefit Program (Cafeteria and Multisport Card)
Work-Life Balance
  • LuxGood Program (a wide range of health and well-being initiatives)
  • After-hours groups (sport, trips, board games, cultural activities)
  • Company and Team events
  • BeLux - discount offers program (banking, car leasing, other)
  • Convenient locations in modern offices
Please send your CV with consent for processing your personal data for recruitment purposes using the below button
APPLY
Informujemy, że administratorem danych jest Luxoft z siedzibą w Krakowie, ul. Bora Komorowskiego(dalej jako "administrator"). Masz prawo do żądania dostępu do swoich danych osobowych, ich sprostowania, usunięcia lub ograniczenia przetwarzania, prawo do wniesienia sprzeciwu wobec przetwarzania, a także prawo do przenoszenia danych oraz wniesienia skargi do organu nadzorczego. Dane osobowe przetwarzane będą w celu realizacji procesu rekrutacji. Podanie danych w zakresie wynikającym z ustawy z dnia 26 czerwca 1974 r. Kodeks pracy jest obowiązkowe. W pozostałym zakresie podanie danych jest dobrowolne. Odmowa podania danych obowiązkowych może skutkować brakiem możliwości przeprowadzenia procesu rekrutacji. Administrator przetwarza dane obowiązkowe na podstawie ciążącego na nim obowiązku prawnego, zaś w zakresie danych dodatkowych podstawą przetwarzania jest zgoda. Dane osobowe będą przetwarzane do czasu zakończenia postępowania rekrutacyjnego i przez okres możliwości dochodzenia ewentualnych roszczeń, a w przypadku wyrażenia zgody na udział w przyszłych postępowaniach rekrutacyjnych - do czasu wycofania tej zgody. Zgoda na przetwarzanie danych osobowych może zostać wycofana w dowolnym momencie.