Raanana, Israel
In this mission critical role as an Application Security Engineer, you will be part of a dynamic global application security team, working directly with software architects and software engineers to perform penetration testing on software solutions developed within the company. In addition, youll collaborate with engineering to triage security findings and review remediation techniques in order to harden and improve the security of software across multiple types of products.
With NCR Voyix as a software-focused company, youll work in a fast-paced environment, helping enable teams to work in a DevSecOps model in a world of containers, automated pipelines, and rapid deployments. And youll be instrumental in helping teams add in security testing as part of their build and release pipelines. produces hardware and software for major companies in Retail, Restaurants, and Digital Banking come help secure the state-of-the-art!
Responsibilities:
Conducting manual penetration tests of software
Assessing risk level of security findings using standard methodologies
Running automated application security tools
Writing and presenting pen test reports to development teams
Consulting with development teams on remediation techniques and defensive coding
Validation testing to confirm findings are closed
Develop, integrate, and enable security engineering test automation into a CI/CD pipeline
Perform proof-of-concept and proof-of-technology testing for integrating new 3rd party security products into the development and deployment processes
Bachelors Degree in Computer Science or related field – equivalent work experience ok
At least 2 years of experience of Application pen testing background
Web application test experience
Web services/API test experience
Mobile application test experience (iOS and Android)
Soft skills – effective communication (internal, customer, legal counsel), collaboration (internal, external) and effective written skills (white papers, vulnerability specifications etc.)
Preferred Skills and Experience:
Experience with automation of security testing as part of a CI/CD pipeline
Experience with retail, banking, and/or restaurant software, particularly the types of vulnerabilities and security testing associated with them.
Previous hardware/POS pen test experience
Active participation in cybersecurity forums/conferences, e.g. DEFCON, Black Hat.
Experience with privacy requirements of a global corporation (e.g. GDPR, CCPA)
Security industry certifications, e.g. CEH
