Descrição:
remote type Hybrid locations Porto - Portugal time type Full time posted on Posted Today job requisition id JR09609
About Planet: Planet is a global provider of integrated technology and payments solutions for retail and hospitality customers. We create great experiences for the millions of people who use our payments, software, and tax-free solutions every minute of every day. Planet empowers its customers to deliver great customer experiences by combining payments and software in ways that drive greater loyalty, increase revenue and save time. Founded over 35 years ago and with our headquarters in London, today we have more than 2,500 employees located across six continents serving our customers in more than 120 markets.
Role Overview:
As an Application Security Engineer, you will be responsible for ensuring the security of web applications, APIs, and mobile applications (APKs). You will work closely with Product and Engineering teams to conduct threat modeling for new applications, embedding security into the development lifecycle and enabling a ‘shift left’ approach to secure engineering practices. Additionally, you will empower engineering teams to write secure code by providing guidance, implementing security best practices, and conducting application security testing, including penetration testing, to proactively identify and mitigate vulnerabilities.
What you will do:
- Collaborate with product and engineering teams to integrate security good practice, and threat modelling into the software development lifecycle.
- Continuously improve security testing methodologies, processes and tools (SAST and DAST) with the Engineering teams.
- Conduct comprehensive manual penetration tests on web applications, APIs, and mobile applications (APKs) to identify vulnerabilities.
- Work with Product and Engineering teams to manage vulnerabilities and security penetration test findings from discovery to timely remediation.
- Perform segmentation tests to ensure proper network segmentation and isolation of critical assets.
- Support the definition and implementation of security requirements for new solutions.
- Enable teams compliance to comply with industry standards and regulations including PCI DSS.
Who you are:
- Minimum 3 years of experience in application security or related roles.
- Proficiency in using application security tools such as Nexpose, Tenable, Rapid7, OpenVAS, Invicti, DASTerdly, Snyk, Checkmarx, Sonar and penetration testing tools such as Burp Suite, Metasploit, etc.
- Preferred certifications include eWPT, PNPT, OSCP, CISSP, GWAPT, or similar.
- Great awareness of cybersecurity trends and hacking techniques. Knowledge of IT general controls, and of standards and methodologies related to OWASP, PTES, NIST, CIS, PCI DSS, ISO 27001.
- A clear understanding of pentest methodologies.
- Promote a culture of security within the organization.
- Ability to work under pressure in a fast-paced environment.
- Strong attention to detail with an analytical mind and outstanding problem-solving skills.
- Excellent communication skills, both verbal and written.
Reasonable accommodations may be made in order to allow for an individual to perform the essential functions of this role successfully.
About Us
Company Background Planet provides integrated software, payment and technology solutions for its customers in the Hospitality and Retail sectors and worldwide via a network of global Financial Services Partners. Founded over 35 years ago, we have evolved our services, delivering an innovative digital commerce platform that puts customer experience first. With headquarters in London and around 3,000 expert employees located across six continents we serve customers in over 120 markets.