Aktuelle Stellenangebote

Oh pity. We hope you have found something suitable. DE DE DE

Security Engineer (w/m/x)

Location: Osijek, Varaždin, Zagreb & partly home office

Our hearts beat for digital, for varied projects and a steep learning curve. As a part of the IBM iX network, we work with our technology partners to realise digital platforms for the most diverse industries, while always looking ahead to the future. The best part of it? Solid teams! User experience, back-end and testing experts work together in scrum teams and learn from each other. 

At IBM iX, cybersecurity incorporates architecture, governance, identity and access management, threat mitigation, issue and compliance management, risk assessment/consulting, security consulting, penetration testing and strategic planning. The Security Engineer leverages business knowledge and technical experience in cybersecurity to create a secure environment for the business. Do you want to join?

Your Responsibilities

  • You perform in-depth web security assessment to identify security issues and risks
  • You research and incorporate new security tools and techniques to improvise overall application security assessment approach
  • You provide end to end support to remediate security vulnerabilities
  • You review the deliverables of other team members to ensure the delivery quality
  • You continuously research on latest security trends, business logic flaws, and novel attacks
  • You enhance web application and source code vulnerability knowledge base on various technologies
  • You develop or extend in-house tools and automated scripts to enhance the assessment quality

Your Skills

  • You have hands-on experience of conducting vulnerability assessments as per standards such as OWASP Top 10, SANS Top 25, WASC, ASVS and NIST
  • You have working knowledge of programming languages and runtimes e.g. Java, Javascript/Typescript, Python, .NET
  • You have a security architecture mindset to be able to provide appropriate guidance
  • You have experience in source code review of web applications using SAST tools as well as identifying the false positive security issues
  • You have experience on working with tools such as Burp Suite, Checkmarx/Veracode, OWASP ZAP Scanner, Pentesting tools in Kali/Parrot, etc.
  • You have very good understanding of HTTP and Networking fundamentals
  • You have ability to automate certain security test cases or write PoC using scripting language (Python, Shell Script, Ruby/Perl, etc.) wherever required
  • Effective documentation, artefacts capturing, communication, and interpersonal skills are some of your strengths

Our Benefits

In order to bring our visionary ideas to life, we need high-flyers from a wide variety of fields who can cope with fast-paced digital expansion. Our ecx.io Academy supports this in combination with various offers for our employees.

Academy & Co.
Discount programs
Health & Fitness
Team events
Flexible working hours
30 days of vacation

Your Perspective

With us, you can shape your career yourself and benefit from our ecx.io Academy training portfolio: we work with career pathways, 360° feedback and development plans to give our employees the best possible training opportunities. Want to find out more?

Have a sneak peek into our office in Zagreb

ecx.io is committed to creating an inclusive workplace offering equal opportunities to everyone. We especially encourage all people with their individual diverse backgrounds and perspectives to apply.


Ready to apply?

The best way to do that is online via our job portal. Please send us your CV and/or Cover Letter in English! Simply click on the "Apply now" button and off you go!
Questions about the job? 
Please do not hesitate to contact:

Luka Zlatic
Talent Acquisition Consultant
+385 91 601 50 11