Security Engineer

Our Values: Trust | Respect | Team spirit

Our secret: Our people who make the difference with their integrity and competences!

Security Engineer | Full-time contract or Freelance model | Athens or remote - GR

Your daily work routine will include:

• Help clients respond to cyber-attacks, to recover from such, assess security vulnerabilities, develop threat models, define and implement security strategies.
• Identify and define system security requirements.
• Prepare and document standard operating procedures and policies.
• Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
• Drive mitigation of reported risks from continuous monitoring solutions in collaboration with application development teams.
• Conduct security assessments to identify areas of risk and ensure any gaps are remediated.
• Write comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement.
• Effectively represent the company on a technical level when interacting with customers and partners.

Requirements

• BSc or MSc degree in Computer Science, Information Security, or a related technical field.
• Proven work experience (3+ years) in information security roles, with a focus on application security engineering (DevSecOps) or penetration testing (is a plus).
• Penetration testing or vulnerability assessment skills (e.g., Burp Suite, OWASP ZAP, Acunetix).
• Security analysis knowledge for the following coding languages: Java, JavaScript, SQL.
• Basic scripting skills in one or more of the following languages: Python, PowerShell, Bash.
• Experience with S-SDLC and DevSecOps tools and practices across CI/CD environments (e.g., Git, Azure DevOps, Azure Pipelines, Docker, and Kubernetes) including SAST, DAST, SCA, Threat Modeling, and Vulnerability Scanning (e.g., SonarQube, IriusRisk, OWASP Threat Dragon, OWASP Dependency-Track/Check, Nessus, OpenVAS).
• Good understanding of cryptographic primitives, latest security principles, techniques, and protocols.
• Strong knowledge of MITRE ATT&CK Framework, OWASP Top 10, and OWASP ASVS Standard.
• Ability to assess and prioritize security risks and requirements.
• Excellent command of the Greek & English languages, both written and spoken.
• Excellent communication, presentation, and report writing skills.
• One or more related security certifications (e.g., CSSLP, CISSP, AZ-500 Azure Security Engineer, CompTIA Pentest+, CompTIA Security+, CCNA CyberOps, OSCP, OSWE, ISO/IEC 27001 Lead Auditor).

What is in it for you?

• A permanent contract with a compensation package that includes private medical insurance, meal vouchers, mobile plan (for the permanent contract option).
• Learning opportunities, in-house trainings, continuous coaching.
• Fun, respectful and supportive work environment that promotes work-life balance.
• Mobility opportunities to work abroad, in case of interest, as we have various job openings in our Group.

Why Trasys Greece?

• Strong team spirit attitude.
• Dynamic, intelligent, agile and talented teams.
• Large-scale challenging international projects.
• Allows you to take the ownership of your work from the beginning, having specific responsibilities.
• Active and meaningfully present in various IT communities (MoT, Angular, JHUG, etc.).

Trasys Greece, part of NRB Group, is an equal opportunity employer who welcome applications from all sections of society and do not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, gender identity, or any other basis as protected by applicable law.