Join Seqred Team!
We are currently recruiting
for the following positions:
Join Seqred Team!
We are currently recruiting
for the following positions:
SEQRED is a company that provides advanced services and solutions to ensure the safety of our clients. We specialize in assessing the security of applications and infrastructure, identifying and eliminating threats, implementing security measures, and responding to incidents in the area of cybersecurity. Read more about Seqred.
Why work at Seqred?
Professional development
working at Seqred ensures participation in interesting projects for large Polish and foreign companies, thanks to which you will be able to gain new competencies and experience.
Access to modern technologies
thanks to projects for industries such as financial, energy or chemical, you have the opportunity to learn about advanced systems and technologies.
Varied training program
a training path tailored to individual needs and chosen career path, the opportunity to participate in global training programs, including those organized by SANS
Specialization in a chosen field
at Seqred you can develop your passions related to various areas,
e.g. security of intelligent buildings, AMI systems, or industrial controllers.
Work in project teams
is an opportunity to expand knowledge and competencies in various areas related to cybersecurity.
Building a personal brand
at Seqred we value knowledge sharing – you can write texts for a blog, conduct webinars or presentations at conferences. We participate in Security PWNing, Black Hat, InfraSEC Forum, and other industry conferences.
Competitive salary and various models of cooperation
we offer selected candidates permanent cooperation or participation in selected projects.
Flexible working conditions
we offer a work mode tailored to individual needs – flexible working hours, the possibility of working remotely or in a comfortable office with a large garden.
Active lifestyle
we encourage you to participate in Runmageddons, where you can represent us wearing the Seqred superhero T-shirt.
Cybersecurity consultant
Cybersecurity consultant / specialist
Location: Warsaw
You are an ideal candidate if you have the following competencies or are determined to acquire them:
-
good knowledge and experience in selecting, defining or designing cybersecurity mechanisms and requirements,
-
knowledge of security standards (such as NIST Cybersecurity Framework, NIST 800-53, ISO 27001, CIS20, etc.),
-
good knowledge of methodologies, tools, and techniques of ICT risk analysis,
-
skills and experience in verifying the functioning and effectiveness of control mechanisms related to cybersecurity,
-
experience in implementing projects aimed at assessing the level of cybersecurity in the organization,
-
knowledge of issues related to the emergence of security gaps and their counteraction at the level of applications, IT infrastructure and / or OT.
The following will be of additional advantage:
- cybersecurity certificates, such as CompTIA Security +, CISA, CISSP, ISO27001 Lead Auditor, ISO22301 Lead Auditor, etc.,
- experience in implementing or maintaining the requirements resulting from the GDPR in the area of IT / cybersecurity and analysis of the processing impact assessment (DPIA),
- knowledge of the security aspects of OT (Operational Technology) / IoT (Internet of Things) infrastructure, in the area of device security analysis, OT communication and systems,
- experience in developing and implementing cybersecurity policies and procedures,
- experience in managing project teams,
- professional experience in a consulting company.
Security researcher / Penetration tester
Security researcher / Penetration tester
For the above-mentioned positions we are looking for people with diverse professional experience – both people at the beginning of their career related to cybersecurity and experts with many years of experience.
You are an ideal candidate if you have the following:
- good knowledge of security issues at the technical level,
- good knowledge of methodologies, tools and techniques for conducting penetration testing,
- the ability and experience in using tools to identify security gaps, such as fuzzers, eavesdropping and traffic analysis tools, dynamic and static analysis tools, vulnerability scanners,
- ability to use the detected vulnerabilities,
- experience in the implementation of penetration tests in at least one of the areas: web applications, mobile applications, infrastructure, networks, hardware,
- knowledge of issues related to the emergence of security gaps and their counteraction at the level of applications, IT and / or OT infrastructure.
The following will be of additional advantage:
- safety certificates, such as CEH, OSCP, OSCE, GXPN,
- experience and skills in carrying out reverse engineering,
- knowledge of the security aspects of OT (Operational Technology) / IoT (Internet of Things) infrastructure, in the area of device security analysis, OT communication and systems,
- experience in participating in CTF competitions,
- experience in the implementation and management of operations such as “Red Team” and activities including the emulation of enemy actions, assumed intrusion scenarios, post-exploitation, social engineering .
OT Security Engineer
OT Security Engineer
You are an ideal candidate if you have the following competencies or are determined to acquire them:
- higher education in the field of automation / robotics or related,
- professional experience of over 2 years as an engineer, automation, application engineer, analyst or similar,
- practical experience in commissioning and maintenance of building automation systems or security systems (CCTV, SSWiN, SKD, SSP),
- experience in conducting implementation and acceptance projects, coordinating the work of subcontractors,
- knowledge of controllers and building systems solutions (Siemens, Honeywell, Schneider Electric, Delta Controls, others),
- experience in working with building protocols (BACnet, Modbus, KNX, Lonworks, etc.),
- ability to work in a team and willingness to share knowledge,
- English knowledge at the B2 level.
- security certificates, e.g. CEH, GICSP, CompTIA Security +, OSCP,
- knowledge of the security aspects of OT (Operational Technology) / IoT (Internet of Things) infrastructure, in the area of device security analysis, OT communication and systems.
Security Researcher
Security Researcher
Due to the development of the SEQRED team, we are looking for a candidate for the position of Security Researcher in the area related to the security of devices and firmware.
Among your duties you will find:
- carrying out safety tests of network devices, automation executive devices, controllers and energy meters,
- verification of firmware in terms of identifying vulnerabilities, security errors, assessment of device configuration in terms of meeting security requirements,
The above duties will in particular include:
- identification of communication ports that can be used in a given device (Ethernet, optical, USB, wireless, m-bus) for further tests,
- performing a memory dump from the media available in the device,
- analysis of embedded software, along with the identification and attempt to bypass security measures against unauthorized modification,
- research and identification of information on known vulnerabilities for the identified device components and device software,
- identification of security vulnerabilities in the components and security features used in the device and device software, such as: DoS vulnerabilities, the possibility of unauthorized changes to the operation of the device / program implemented by the device, susceptibility to attacks related to the use of communication links, the possibility of theft of intellectual property used in the device,
- preparation of a report on identified irregularities with recommendations for their removal.
- knowledge of operating systems from the Windows and Linux families,
- practical knowledge of DLMS and Ethernet standards,
- experience in working with debugger, decompiler, deobfuscator, dissassembler tools,
- ability to statically and dynamically analyze binary files,
- experience in fuzzing protocols and devices,
- experience in firmware analysis, reverse engineering methods,
- programming skills in C and assembler
- manual skills in handling the soldering station and soldering,
- knowledge of the IEC 62443 standard and ENISA guidelines for smart grids will be an advantage.