Summary
Andersen, an international IT company, invites an experienced Information Security Specialist to work on a project for one of our UK customers.
The customer aims to lead in digital payments by enabling fast, efficient, and cost-effective transactions for individuals and businesses. Its patented process ensures trust and security by verifying both parties' identities and securely holding funds until both confirm the transaction. The mission is to eliminate payment fraud, allowing confident transactions. The company operates in Europe, the USA, and Asia.
The project is a modern platform that provides secure payment processing solutions for high-trust transactions, including B2B deals, secondary market purchases, legal settlements, and freelance projects.
Responsibilities
- Utilizing SAST, DAST, and SCA within the development pipeline and collaborating with the engineering team to investigate, re-test, and resolve identified vulnerabilities.
- Conducting internal and external penetration testing and partnering with external experts to proactively uncover potential security threats.
- Leading architectural reviews and threat modelling to embed security requirements into product designs.
- Owning the secure software development lifecycle and representing application security in ISO 27001 audits, ensuring alignment and compliance with the standard.
- Contributing towards the broader company technical strategy, to guide it in a more secure direction from a development perspective.
- Regularly evaluating and reporting on the effectiveness of existing security controls as part of the RCSA process.
- Contributing to the wider security team and assisting with incident response, monitoring, and routine security operations tasks.
- Working with the rest of the organisation to build security into everyday functions, prioritising a culture of security best practices over barriers.
- Ensuring compliance with local GDPR guidance.
Requirements
- Strong knowledge of secure coding practices and familiarity with security frameworks such as OWASP, BSIMM, or SAMM.
- Experience with SAST, DAST, and SCA security tooling and the ability to interpret and address their findings.
- Proficiency in conducting penetration testing and vulnerability assessments, both manually and with automated tools.
- Solid understanding of software development methodologies and experience working with development teams to integrate security practices into the SDLC.
- Experience in an Application Security, Penetration Testing, or similar role.
- Strong communication skills and ability to build effective relationships with engineering teams.
- Adaptable and able to thrive in a fast-paced, dynamic environment.
- Level of English – from Upper-Intermediate and above.
Desired skills
- A natural enthusiasm for all things application security.
- Experience with threat modelling and security architecture reviews to identify and mitigate risks in product designs.
- Familiarity with implementing ISO 27001 within software development environments.
- Experience with AWS and GCP cloud security services, including WAF, API gateways, key management services, and secret managers.
- Relevant certifications in security engineering or the general information security space, e.g. one or any of OSCP, OSWE, GPEN, GWAPT, GMOB, CRT, PenTest+.
Reasons to join us
- Experience in teamwork with leaders in FinTech, Healthcare, Retail, Telecom, and others. Andersen cooperates with such businesses as Samsung, Siemens, Johnson & Johnson, BNP Paribas, Ryanair, Mercedes, TUI, Verivox, Allianz, T-Systems, etc.
- The opportunity to change the project and/or develop expertise in an interesting business domain.
- Job conditions – you can work fully remotely, from the office, or choose a hybrid variant.
- Guarantee of professional, financial, and career growth! The company has introduced systems of mentoring and adaptation for each new employee.
- The opportunity to earn up to an additional 1,700 EUR per month by participating in the company's activities.
- Access to the corporate training portal, where the entire knowledge base of the company is collected and which is constantly updated.
- Bright corporate life (parties / pizza days / PlayStation / fruits / coffee / snacks / movies).
- Certification compensation (AWS, PMP, etc.).
- Referral program.
- English courses.
- Private health insurance and compensation for sports activities.
Join us!