Security Engineer (f/m/x)
Location: Osijek, Varaždin, Zagreb & partly home office
IBM iX – It’s never been a better time to be a creator.
We are a consultancy, digital agency, design studio, and tech company all rolled into one. Our 1,200+ experts in DACH and Croatia guide people, brands, and organisations in an agile and collaborative way: from analysis and concept via business case, design vision, and MVP development to roll-out and operations. We believe “Good Experience is Good Business”. That’s why we put human experiences first in everything we do. Together we help to shape a sustainable future: with digital products, services, and experiences that connect people.
At IBM iX, cybersecurity incorporates architecture, governance, identity and access management, threat mitigation, issue and compliance management, risk assessment/consulting, security consulting, penetration testing and strategic planning. The Security Engineer leverages business knowledge and technical experience in cybersecurity to create a secure environment for the business.
You feel at home in the world of digital trends and love to create relevant content? Then become a part of our IBM iX Family now.
- You perform in-depth web security assessment to identify security issues and risks
- You research and incorporate new security tools and techniques to improvise overall application security assessment approach
- You provide end to end support to remediate security vulnerabilities
- You review the deliverables of other team members to ensure the delivery quality
- You continuously research on latest security trends, business logic flaws, and novel attacks
- You enhance web application and source code vulnerability knowledge base on various technologies
- You develop or extend in-house tools and automated scripts to enhance the assessment quality
- You have hands-on experience of conducting vulnerability assessments as per standards such as OWASP Top 10, SANS Top 25, WASC, ASVS and NIST
- You have a security architecture mindset to be able to provide appropriate guidance
- You have experience in source code review of web applications using SAST tools as well as identifying the false positive security issues
- You have experience on working with tools such as Burp Suite, Checkmarx/Veracode, OWASP ZAP Scanner, Pentesting tools in Kali/Parrot, etc.
- You have very good understanding of HTTP and Networking fundamentals
- You have ability to automate certain security test cases or write PoC using scripting language (Python, Shell Script, Ruby/Perl, etc.) wherever required
- Effective documentation, artefacts capturing, communication, and interpersonal skills are some of your strengths
Our Benefits and Your Perspective
In order to bring our visionary ideas to life, we need high-flyers from a wide variety of fields who can cope with fast-paced digital expansion. Our Academy supports this in combination with various offers for our employees.
With us, you can shape your career yourself and benefit from our Academy training portfolio: we work with career pathways, 360° feedback and development plans to give our employees the best possible training opportunities. Want to find out more?
IBM iX is committed to creating an inclusive workplace offering equal opportunities to everyone. We especially encourage all people with their individual diverse backgrounds and perspectives to apply.
Questions about the job?
Please do not hesitate to contact:
Talent Acquisition Consultant
+385 91 601 50 11