We are HTD Health – a fast-growing development shop on a mission to build software that will solve meaningful problems in healthcare. We help ideate, design, build, grow, and scale with digital health startups, clinics large and small, medical device consulting firms, and other non-healthcare entrepreneurs.
Currently, we have an excellent opportunity for an ambitious Pentester to join our growing HTD Health team!
What we need from you:
Key responsibilities:
Perform comprehensive penetration tests across various projects, identifying vulnerabilities in both web and mobile applications. While expertise in web application testing is a must, experience in mobile app testing would be highly advantageous.
Develop detailed reports outlining discovered vulnerabilities, along with recommended fixes. These reports should serve as a guide for development teams to address and mitigate security weaknesses effectively.
Take the initiative to elevate and enhance our existing penetration testing processes. This includes creating and defining strategic approaches to penetration testing that build upon our current methodology, ensuring our practices remain at the forefront of the industry.
Provide timely and expert security advice to both internal teams and clients on an ad-hoc basis. This involves close collaboration with development teams to address specific security concerns and working with clients to tailor documentation and recommendations according to best practices.
Effectively communicate the outcomes of penetration tests to clients and internal stakeholders. This includes presenting detailed reports and explaining our penetration testing process in a manner that is accessible and informative.
Regularly conduct penetration tests across different projects, offering actionable feedback and recommendations to improve security postures. This continuous cycle of testing and feedback is crucial for maintaining high security standards across all projects.
Engage in diverse projects, contributing to a broad spectrum of cybersecurity challenges. Your role will necessitate flexibility and adaptability, ensuring security measures are consistently applied and optimized across various development environments.
Participate in the development and delivery of security awareness training for employees. This could involve creating training materials, conducting workshops, or presenting at team meetings to educate staff on security best practices and the importance of cybersecurity.
Assist the incident response team in the event of a security breach or attack. This includes helping to identify the source of the breach, assessing the extent of the damage, and recommending remediation steps.
Stay informed about relevant security standards, compliance requirements, and regulatory frameworks. Apply this knowledge during penetration tests to ensure not only the security but also the compliance of applications and systems.
Ensure all penetration testing activities are in strict adherence to the Health Insurance Portability and Accountability Act (HIPAA) regulations. Evaluate the security and privacy of systems handling protected health information (PHI) to prevent unauthorized access or breaches, thereby safeguarding patient data and maintaining regulatory compliance.
Nice to have
What you can expect from us:
- PLN 9 000 - 16 200 + VAT on a B2B contract
- PLN 7 500 - 13 500 gross on an employment contract