Security & Test Automation Engineer

Eviden, part of the Atos Group, with an annual revenue of circa € 5 billion is a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47 countries. By uniting unique high-end technologies across the full digital continuum with 53,000 world-class talents, Eviden expands the possibilities of data and technology, now and for generations to come.

You will become a part of the delivery team for one of our key Customers in the Airspace Industry, taking care of Air Traffic Management, Flight planning and Air Traffic Control capacity planning. Our Customer has embarked on the multi-year journey of IT landscape modernization to improve efficiency of the European Air Traffic Management systems under the most critical programme in European public sector area. Working as a part of the team you will be engaged in the delivery of ground breaking IT systems supporting pan-European aviation and crafting the future of European Air Traffic Management.

Join us on this multi-year journey to reshape the European Skies!

Key Responsibilities:

• Collaborate with architects and product owners to comprehend security requirements and constraints;
• Review security requirements and formulate corresponding security test scripts ensuring comprehensive coverage using security testing tools like Burp Suite, OWASP ZAP, or similar;
• Define, construct, implement, and document robust, modular, and reusable security testing frameworks;
• Develop, execute, and maintain security test scripts using selected security testing tools and methodologies;
• Perform various types of security testing vulnerability assessment and threat modeling against both On-Premises and Cloud architectures;
• Conduct thorough security assessments to identify and log security vulnerabilities, threats, and risks;
• Conduct root cause analysis and provide detailed reports on security issues and recommended mitigations;
• Monitor and analyze security metrics and trends to proactively identify potential security risks;
• Generate comprehensive security test reports for internal and external stakeholders.

Must have skills:

• Minimum 3 years of experience in security testing practices;
• Security testing experience of backend, API/Webservices applications;
• Knowledge of security testing tools such as Burp Suite, OWASP ZAP, etc.;
• Proficiency in scripting languages like Python for security testing automation is desirable;
• Expertise in security analysis and designing security tests;
• Experience with security monitoring and diagnostic tools such as Security Information and Event Management (SIEM) systems;
• Understanding of messaging protocols and API technologies from a security standpoint;
• Knowledge of Unix/Linux operating systems and familiarity with security configurations and best practices;
• Experience with Selenium WebDriver, Cypress, Playwright or similar tool;
• Knowledge and experience with SQL and relational databases;
• Certification in ISTQB Security Tester or Comptia security+ or similar;
• Understanding of networking technologies including encryption, load balancing, and firewalls;
• Familiarity with structured security testing methodologies and processes;
• Experience in producing comprehensive security test reports with clear findings and recommendations;
• Familiarity with DevSecOps tooling such as Bitbucket, Jenkins, or GitLab to integrate security tests into the CI/CD pipeline;
• Excellent analytical and problem-solving skills, with a strong attention to detail;
• Excellent written and verbal communication skills, including the ability to convey complex technical concepts to non-technical stakeholders.

Nice to have:

• Knowledge of Owasp Zap, Burp suite, Nmap;
• Experience in DAST and SAST testing;
• Activity on bug bounty platforms such as HackerOne;
• Experience with Linux administration, Azure, AWS, SoapUI, JMeter/Loadrunner, Maven, Cucumber, Jenkins and Gatling;
• Knowledge of configuring/integrating Bitbucket, Docker, Kubernetes, Ansible;
• Experience with Confluence, ServiceNow and Jira (XRay) would be very valuable;
• Basic knowledge of scripting languages: Bash, Jenkins Pipeline, Python would be a plus.

Our Offering:

• Wellbeing programs & work-life balance - integration and passion sharing events;

• Private medical and dental care;

• Benefits platform – shopping, cinema, sport etc.;

• Co-funding of sport activities, e.g. Multisport & OK system cards, b-active program;

• Courses and certifications e.g. Google Cloud, AWS, ITIL;

• Conferences and Expert Communities;

• Gift packages for special occasions: Easter, Christmas, Children’s Day;

• Appreciation for seniority: additional days off, Atos Jubilee gifts;

• Remote working or commuting allowance;

• Charity and eco initiatives;

• Flexible working hours.
   

What happens next?

• Contact from our Recruiter/HR;
• The 1st Interview with Manager (via MS Teams);
• The 2nd Interview with the Project (via MS Teams);
• Feedback (1-5 business days after the interview);
• Work like you want – remotely, in a hybrid mode or at our offices across Poland.

Please, attach your CV in English!

If you want to find out more or have questions, contact our recruiter Weronika Wojnarowska with LinkedIn.

Let’s grow together.

We take care of your personal data privacy. More information about processing your data within recruitment process you can find on our website: Eviden | Privacy Policy