Security Test Engineer, Enschede, The Netherlands
Are you security minded software developer who loves to be challenged? Would you like to work for one of the fastest growing security scale-ups in The Netherlands? And do you want to join the mission to proactively protect and secure every website on the planet and revolutionise the hosting industry?
About the company
The client base of this company consists of large web hosting providers all around the globe. Security is – obviously – extremely important to them. However, there’s one layer of the security stack the clients have little or no control over: the code of their end users. As most websites use standard software as a foundation (up to 30% of the web is running on WordPress, Joomla or Drupal) hackers continuously exploit security vulnerabilities in these foundations to upload and execute malware. Effectively, this allows hackers to run any malicious code they want. For example: to send spam, launch DDoS attacks or inflict far worse damage.
This company comes to the rescue, offering web hosting providers a fully automated SaaS solution to index security vulnerabilities/risks and resolve them by automatically applying safe backported patches and by defusing malware. On top of that, offering a web app that helps all stakeholders (including security officers, system administrators, helpdesk employees and end users) to operate and keep the web secure.
We are not looking for penetration testers. There is no research required for finding new vulnerabilities, we are looking for people who can both fix known vulnerabilities and know how to verify their own work. This is a combination of engineering and functional testing.
The assessment covers two separate tasks on testing: one of them is about writing unit tests (the bonus exercise), the other is about running an existing unit test suite. Both skills are considered essential in this job.
You’ll be joining our dedicated research team which delivers the core of our product: security patches. The Research team is directly responsible for analyzing vulnerabilities/threats and fix them. As a security test engineer you play a critical role in the organization. You will have full autonomy and responsibility in analyzing new threats (security vulnerabilities and malware) and resolving them for our customers. You will also be responsible for increasing our coverage of supported applications and plugins.
Your work directly impacts the safety and workings of millions of websites around the world, so attention to detail and a high quality work standard are extremely important skills that we’re looking for.
- Analyze new security vulnerabilities in open source applications (such as WordPress, Joomla and Drupal) and backport upstream patches to fix those vulnerabilities in earlier versions.
- Design, build and deploy new features for our internal tooling to automate our workflows.
- Research and analyze new trends in exploitation techniques, malware approaches, etc. and develop strategies to mitigate them.
- Expand coverage of supported applications and plugins.
- In-house tooling developed by the comapny
- You have a true passion for the security field.
- Several years of relevant work experience as a Software Tester, Engineer or similar role.
- Advanced proficiency with at least one scripting language like PHP or Python.
- Understanding and knowledge of security vulnerabilities in web applications is a plus.
- Self-driven work ethic. You need to love taking initiative and seeing things through to completion.
- Willingness to learn. This position is highly specific, so don’t be afraid to apply if you only partially fit the bill! Everything you need to know will be taught to you in-house.
- Fluent speaker of English.
What we offer
- Professionally equipped and highly ergonomical workplace.
- Highly skilled and diverse colleagues to teach and learn from.
- Great coffee, tea and sodas.
- Wide range of fruit, juices and milk to stay healthy.
- Monthly team lunches and dinners.
- Team building activities, which you can both participate in and organize yourself!
- Gaming space with pool, foosball and air hockey.
- Recurring freeform development days for your own projects and interests.
- Growth opportunities towards various engineering departments, including other language specializations such as Python or C++.