
CSST Analyst
Mindbox Sp. z o.o.
23000 - 25000 PLN / HOUR
Kraków
Kraków, Lesser Poland
Hybrid
B2B
penetration testing
vulnerability assessment
root cause analysis
communication skills
platform security
web application security
programming
TCP/IP
cryptography
security practices
Hexjobs Insights
Role: CSST Analyst. Responsibilities include analyzing vulnerabilities, validating issues, communicating risks, and improving the Bug Bounty Program. Requirements: 4+ years in pentesting, understanding of security risks, and strong communication skills.
Benefits
- Flexible cooperation model (B2B or employment)
- Hybrid work setup
- Collaborative team culture
- Access to training platforms
- Comprehensive benefits including health care and sports card
- High quality equipment provided
Your responsibilities
- Analyze, assess, and respond to security vulnerabilities reported via the Bug Bounty Program
- Reproduce and validate reported vulnerabilities and perform root cause analysis
- Communicate effectively with internal teams and external security researchers
- Collaborate with stakeholders to explain risks and track remediation progress
- Drive improvements in processes, tooling, and automation to enhance program efficiency
- Advise on vulnerability remediation, control implementation, and secure development practices
- Ensure continuous improvement of the Bug Bounty Program in line with cybersecurity strategy
- Note: Detailed project information will be shared during the recruitment process.
Our requirements
- Strong written and verbal communication skills in English
- Ability to clearly articulate technical issues and their business impact
- Hands-on experience in penetration testing (at least 4 years)
- Expertise in at least one pentest domain (infrastructure, web apps, or mobile)
- Solid understanding of platform security models for iOS and Android
- Strong knowledge of web and mobile application security risks
- Practical experience with manual and automated testing methods
- Excellent understanding of TCP/IP, cryptography, and security implications
- Proven programming/scripting skills
- Ability to work independently and solve complex technical problems
Optional
- Previous participation in Bug Bounty Programs
- Familiarity with OWASP MASVS, OWASP MSTG
- Experience with SAST, DAST, IAST tools and security code reviews
- Knowledge of DevOps practices and secure SDLC
- Experience with Java, Kotlin, Objective-C, Swift
- Understanding of OAuth2, JWT, SSL, Biometric Authentication, RASP
- Prior experience with cloud-hosted applications and reverse engineering
What we offer
- Flexible cooperation model – choose the form that suits you best (B2B, employment contract, etc.)
- Hybrid work setup – remote days available depending on the client’s arrangements
- Collaborative team culture – work alongside experienced professionals eager to share knowledge
- Continuous development – access to training platforms and growth opportunities
- Comprehensive benefits – including Interpolska Health Care, Multisport card, Warta Insurance, and more
- High quality equipment – laptop and essential software provided
| Published | 11 days ago |
| Expires | in 19 days |
| Contract type | B2B |
| Work mode | Hybrid |
| Source |