We are looking for a Standard/Senior Application Security Engineer that will help our product teams to deliver secure and state of the art software in the Digital Hangar.
The focus of Digital Hangar (DH) is the improvement of passenger experience throughout the whole journey. The projects that are in focus are Lufthansa Group (Lufthansa, SWISS, Austrian and Brussels) main web portals, mobile apps (iOS and Android) and B2B platforms. On top we are developing our own R&D solutions within Hangar initiatives.
Who are we?
Lufthansa Systems Poland is acclaimed and widely recognized provider of superior services and IT solutions for the aeronautical, logistic and financial industries. As a part of the Lufthansa Group we implement technological solutions and dedicated services.
What do we expect?
- Practical understanding of web application security issues,
- 2+ years of professional experience in the field of Security,
- 2+ years of professional experience in the field of Software Development or/and Quality Assurance,
- Working knowledge of common security tools (fuzzers, Burp Pro, SonarQube, Checkmarx, etc.),
- Knowledge of security aspects including OWASP Top Ten, and secure coding best practices,
- Familiarity with Threat Modeling, hands-on experience with one or more Threat Modeling Tools,
- Understanding of main Security-related activities in development such as Security Requirements gathering, Risk Assessment, Security Code Review,
- Understanding of main areas of protection and levels of defense,
- Android and iOS mobile application security testing.
Why do we need you?
Your responsibilities will include:
- Assess Lufthansa Group applications and systems for compliance with LH policy and best security standards like OWASP ASVS, OWASP Top 10, CWE Top 25,
- Conduct validation reviews of security controls across the different projects to identify, assess, and make recommendations to improve the effectiveness of security controls implementation,
- Understand our current security model, and continue to propose and implement improvements to it to counter any possible threats,
- Keep up to date with security trends and news, and be alert for any new threats that could affect us,
- Establishing Secure SDLC on the project,
- Educate our projects members on security matters,
- Perform application security trainings for development teams,
- Working closely with software development projects.
What do we offer?
- An international working environment, atmosphere that stimulates development,
- Individual career path,
- Flexible form of cooperation (employment contract or B2B),
- Salary in the range of 10 000 - 21 000 zł gross (contract of employment) or 83 - 175 zł net (+VAT)/h (B2B contract),
- Lufthansa Group membership benefits,
- Flexible working time and place adjusted to employee’s needs. Possibility of starting your workday between 07:00 and 11:00,
- Workplace adjusted to employee's needs,
- Support for your passion for sports within the local activity group and co-financing Multisport cards,
- Private medical care for employees and their family members.
Please be informed that mentioned benefits may vary in different forms of cooperation.