This job offer is not available in your country.

Cyber Security Engineer

VerifonePoland

30+ days ago

Job description

Why Verifone

For more than 30 years Verifone has established a remarkable record of leadership in the electronic payment technology industry. Verifone has one of the leading electronic payment solutions brands and is one of the largest providers of electronic payment systems worldwide.

Verifone has a diverse, dynamic and fast paced work environment in which employees are focused on results and have opportunities to excel. We take pride in the fact that we work with leading retailers, merchants, banks, and third party partners to invent and deliver innovative payments solution around the world. We strive for excellence in our products and services, and are obsessed with customer happiness. Across the globe, Verifone employees are leading the payments industry through experience, innovation, and an ambitious spirit. Whether it’s developing the next platform of secure payment systems or searching for new ways to bring electronic payments to new markets, the team at Verifone is dedicated to the success of our customers, partners and investors. It is this passion for innovation that drives each one of our employees for personal and professional success.

What's exciting about the role

As a Cyber Security Engineer you will be responsible for designing, implementing, and maintaining security measures to protect our organization's computer systems, networks, and data. The ideal candidate will have a deep understanding of cyber security methodologies, a strong technical background, and the ability to stay ahead of emerging security threats.

General Responsibilities :

Help develop and implement security policies, protocols, and procedures.
Conduct regular security assessments, vulnerability scans, and penetration testing.
Design and implement security solutions, including firewalls, intrusion detection / prevention systems, and encryption technologies.
Prepare and present reports on security status and incidents to management.
Stay current with the latest security trends, threats, and technology solutions.
Understands, reviews, and interprets vulnerability assessment and scanning results, reduce false positive findings, and act as security advisor to business unit partners.
Creates detailed risk assessment reports which explain identified technical and logical security findings, describes potential business risks, and presents prioritized recommendations.
Develop and maintain documentation for security processes and compliance requirements.
Contributes to the ongoing enhancement of the company's security assessment capabilities through the development and implementation of improved methodology, processes, infrastructure, tools, and deliverables.
Maintains knowledge with current emerging technologies and advancements within Cybersecurity.
Provides expertise and solutions for others as a subject matter expert.
Monitor and enforce guidelines for best practices in security and compliance.
Orchestrate daily compliance requirements and tasks as required.
Review and respond to escalated security events.
Proactively hunting for vulnerabilities and threats within our environment.
Maintain knowledge of adversary tactics, techniques, and procedures (TTP).
Provide timely and relevant updates to appropriate stakeholders and decision makers.
Monitor and analyze security systems to detect and respond to security incidents.
Investigate security breaches and other security-related incidents.

PCI DSS Responsibilities :

Ensure the organization's adherence to the Payment Card Industry Data Security Standard (PCI DSS) requirements.

Conduct regular PCI DSS gap analysis and risk assessments to identify vulnerabilities.

Develop and implement remediation plans to address PCI DSS compliance issues.

Maintain and update PCI DSS compliance documentation, including policies, procedures, and security controls.

Conduct internal audits and readiness assessments to prepare for PCI DSS certification.

Work with external Qualified Security Assessors (QSAs) during official PCI DSS assessments.

Provide guidance and training to staff on PCI DSS requirements and best practices.

Monitor and manage PCI DSS compliance status and report to senior management.

Stay current with changes and updates to PCI DSS standards and ensure ongoing compliance.

Coordinate with external auditors and regulatory bodies during security audits and assessments.

Collaborate with IT and other departments to ensure comprehensive security strategies.

HSM and Crypto Key Responsibilities :

Manage and maintain Host Security Modules (HSM) to ensure the secure generation, storage, and usage of cryptographic keys.

Implement and enforce policies and procedures for cryptographic key management, including key generation, distribution, rotation, and destruction.

Ensure the secure handling and storage of cryptographic keys in compliance with industry standards and regulations.

Conduct regular audits of cryptographic key management processes to ensure compliance and identify areas for improvement.

Collaborate with internal teams to integrate HSM solutions with applications and systems.

Provide technical expertise and support for cryptographic key management and HSM-related issues.

Stay current with advancements in cryptographic technologies and best practices.

Other Regulation Responsibilities :

Conduct regulation audits related to relevant regulations and standards (e.g., GDPR, ISO / IEC 27001, DORA, NIS2, and BaFin).

Ensure compliance with relevant regulations and standards (e.g., PCI DSS, GDPR, ISO / IEC 27001, DORA, NIS2, and BaFin).

Skills and Experience we desire

Bachelor’s degree in computer science or related field

2+ years of hands-on experience with the design, implementation, and operation of enterprise vulnerability management.

2+ years’ experience supporting diverse IT systems, processes, or capabilities in large organizations

2+ years of solid understanding of industry best practices for hands on, security vulnerability remediation.

2+ years with SCCM, WSUS (or other, similar tools) running in an enterprise environment.

2+ years in scripting of packaged installation of patches, software, and configuration changes, including the knowledge and ability to write PowerShell scripts needed to automate patch management processes.

Extensive experience with core vulnerability management scanners (e.g. Qualys, Tenable etc.).

Strong knowledge of OWASP Top 10 and the ability to articulate application security risks and determine threat level.

Technical understanding of a range of enterprise IT and cloud-based architectures and technologies such as networking, server infrastructure, operating systems, web applications, databases, containerization, mobile.

Preferred certifications : Net+, Security+, OSCP, CEH, CISSP, GIAC (GSEC, GEVA, GPEN etc.)

Additional Skills we desire

An understanding of mapping and scanning applications and systems, including port scanning, identifying services and configurations, spidering, application flow charting, and session analysis

Technical understanding of current cybersecurity threats and trends

Knowledge and experience with the Windows and Linux operating systems

Familiarity with Metasploit, Contrast, AppSpider, Burp Suite, ZAP, and PumaScan.

Experience using Python, Ruby, Perl, PowerShell, BASH, or an equivalent language.

Ability to correlate data from multiple data sources to create a more accurate picture of cyberthreats and vulnerabilities.

Ability to research, analyze data, and derive facts.

Familiarity with automated tools used to discover system and web application vulnerabilities such as Nmap, Qualys, rapid seven etc.…

Knowledge of system and / or web application vulnerabilities and risk assessment methodologies such as Common Vulnerability Scoring System (CVSS) or Open Web Application Security Project (OWASP) Risk Rating Methodology

Strong technical skills related to at least one of the following areas : information security, HSM key management, network security, Windows security, UNIX / Linux security, and web application security.

Able to multitask, prioritize, and resolve multiple inquiries at once.

Excellent communication (oral and written), interpersonal, organizational, and presentation skills.

Strong work ethic and self-motivation.

Ability to work independently, be creative, results-oriented, and adaptable, and have strong written and verbal communication skills.

Our commitment

Verifone is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. Verifone is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

Create a job alert for this search

Security Engineer • Poland

Related jobs

Senior Application Security Engineer

IntellectsoftPoland

Intellectsoft is a software development company delivering innovative solutions since 2007.We operate across North America, Latin America, the Nordic region, the UK, and specialize in industries l...Show moreLast updated: 16 days ago

Security Detection Engineer Manager

Mondelēz InternationalPoland

Are You Ready to Make It Happen at Mondelēz International?.Join our Mission to Lead the Future of Snacking.We are seeking a skilled and motivated Security Detection Manager to join our security tea...Show moreLast updated: 16 days ago

Network Engineer- Security & Compliance

Astreya Consultancy Ireland Limited, Spółka z o.o. Branch in PolandRemote, Poland

Network Engineers are responsible for the infrastructure that connects users to Dropbox services.This network transits traffic for all tenants of serving infrastructure, including our in-house mult...Show moreLast updated: 26 days ago

Security Analyst, Cyber Readiness

AutodeskPoland

As a Security Analyst - Cyber Readiness, you will be a key player in establishing and shaping the Cyber Readiness function at Autodesk. This net-new role involves creating and implementing processes...Show moreLast updated: 16 days ago

Cyber Security Engineer @ Link Group

Link GroupRemote, Poland

At Link Group, we build tech teams for Fortune 500 companies and the world’s most innovative startups.Our mission is to connect talented professionals with opportunities that align with their exper...Show moreLast updated: 30+ days ago

GCS : Senior Security Engineer

HSBCPologne

Some careers shine brighter than others.If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, o...Show moreLast updated: 11 days ago

Lead Cyber Security Architect

InfosysPoland

Do you want to boost your career and collaborate with expert, talented colleagues to solve and deliver against our clients' most important challenges? We are growing and are looking for people to j...Show moreLast updated: 16 days ago

Security & Threat Detection Engineer

Alex Staff AgencyPL

Remote

Quick Apply

About the company and the project : .An international technology company developing advanced Linux-based operating systems and infrastructure tools is looking for a . The company's solutions are ...Show moreLast updated: 4 days ago

Senior Security Engineer (Viator)

TripadvisorPoland

Viator, a Tripadvisor company, is the leading marketplace for travel experiences.We believe that making memories is what travel is all about. And with 300,000+ travel experiences to explore—everythi...Show moreLast updated: 30+ days ago

Security Engineer (Remote - Poland)

JobgetherPL

Remote

Quick Apply

Jobgether is a Talent Matching Platform that partners with companies worldwide to efficiently connect top talent with the right opportunities through AI-driven job matching.One of our companies is ...Show moreLast updated: 30+ days ago

Lead Cloud Security Engineer

WP EngineRemote, Poland

Remote

We engage the most inspired minds to do their best work wherever they work best—powering the freedom to create worldwide. We are hiring a Lead Cloud Security Engineer with cloud, linux and automatio...Show moreLast updated: 16 days ago

Security Operations Senior Engineer

ASSA ABLOY Entrance SystemsPL

Security Operations Senior Engineer.Do you want to be part of a winning Team providing one of the most successful engineering access control solutions to the market? Join our team in Krakow and enj...Show moreLast updated: 2 days ago

IT Security Engineer

Panasonic Automotive Systems EuropePoland

Panasonic Information Systems Company | tbc.Are you looking for a new opportunity that offers meaningful work with true purpose? We would love to welcome you to our multinational team!.We invest in...Show moreLast updated: 16 days ago

Security Engineer - Remote (Poland)

OLXPoland, Poland

Security Engineer - Remote (Poland).Remote Poland, PolandOLX – Engineering / Full-time / Remote.At OLX, we work together to build a more sustainable world through trade. We make it safe, smart, and co...Show moreLast updated: 13 days ago

Senior Cyber Security Analyst

Sigma SoftwarePoland

SQL / strong Cybersecurity / strong Data analysis / good BI tools / good.We are seeking a Senior Cyber Security Analyst to work with a highly dynamic AdTech ecosystem, aiming to protect the digital...Show moreLast updated: 16 days ago

Cloudflare Security Engineer

EuroclearPoland

Cloudflare Security Engineer (Cloudflare Experience is required).As a global critical financial infrastructure, the protection of Euroclear information and assets is fundamental to the company’s bu...Show moreLast updated: 7 days ago

Senior Security Engineer @ ITMAGINATION

ITMAGINATIONRemote, Poland

ITMAGINATION helps its Clients by becoming a true extension of their software and data development capabilities.Through the readily set up, comprehensive, and self-governing teams, we let our Clien...Show moreLast updated: 14 days ago

Lead Cyber Security Architect

Infosys Consulting - EuropePL

Remote

Quick Apply