Security Expert (Web API / OWASP)

Hello,
We are called People More because we treat our employees with respect, but also because the projects we work on are for people and should be easy and pleasant to use. We are technological, but we look at the bigger picture :)
The company is made up of people with a huge client base in the country and abroad, for whom we build projects from scratch (UX, UI, frontend, backend, mobile) or in part. We work directly for our clients and also support our partners in their own solutions. This ensures a wide range of projects and the ability to change! We work with clients all over the world.
For the project that we are working on with our partner, we are looking for Security Expert (Web API / OWASP).

Your duties will include: 

• Conducting a deep security audit of platforms and applications
• Identifying security vulnerabilities and potential risks
• Performing penetration testing
• Conducting infrastructure vulnerability assessments
• Verifying the security of Web APIs
• Identifying vulnerabilities such as SQL Injection and other application-layer attacks
• Assessing potential identity theft attack vectors
• Reviewing systems against the full OWASP security scope
• Evaluating low-code platform security according to 2025 standards
• Providing security recommendations and advisory support for the development team

Requirements that must be met:

• Proven experience as a Security Expert / Security Engineer / Application Security Specialist
• Strong hands-on experience with penetration testing and vulnerability analysis
• Solid experience in application and infrastructure security
• Very good knowledge of OWASP Top 10 and application security standards
• Experience in securing Web APIs
• Practical understanding of vulnerabilities such as SQL Injection, identity theft techniques, and API vulnerabilities
• Ability to conduct comprehensive security audits
• Very good English and Polish

Nice to have:

• Experience with low-code platforms
• Experience in DevOps or infrastructure security 
• Experience with Mendix – not required, internal training will be provided

What we offer:

• We are open and honest and we solve problems instead of generating them.
• Maybe it’s obvious, but we really respect our employees and associates. We used to be software developers, too, and we appreciate that job!
• A small team
• An international working environment and international projects
• Private medical care
• Sports card
• Training courses
• Work that is 100% remote (unless you prefer another system)

We have an office in Krakow, but if you like to work remotely, that’s absolutely fine. We are OK with fully remote work. For us, you can be located anywhere. :)

Why it’s a good idea to work with People More?

• If you are not satisfied with your work or your tasks, we’ll find a way out together!
• If you get bored, we will offer you a new product and new, fascinating tasks
• We will work on your brand together: you will get an opportunity to attend conferences, including as a speaker, and we will help you publish in recognized magazines and online
• We will facilitate your access to challenges that are usually difficult to get
• At any time, you can talk directly to the board of People More—we talk your language because the company’s founders are software developers and designers!

What does the recruitment process look like?

• A friendly remote initial interview
• A remote technical talk
• The decision to work together!

160 - 210 zł/h

B2B

Kraków / remote