Information Security Consultant (Applications)


About the role:

We are looking for an experienced and passionate Consultant, Information Security (Applications) to join our Information Security Services team!

The team’s mission is to predict and prevent incidents by identifying and helping to remediate security threats and weaknesses within the DPDHL IT portfolio, emphasizing on applications & services.

Being part of this team, you will provide end-to-end security consultancy on application layer, building security into our IT solutions from the very beginning. The projects will seek your advice and support around the risk position of the service in its lifecycle.

Your work is essential to protect DPDHL group’s information assets in a dynamic threat landscape by secure design. To achieve this, you will be interacting with our business colleagues, our solution architects and developers, to name a few.

Team introduction:
Information Security Services cooperates with all divisions under the IT Security, Risk and Compliance Management team to meet business partner's requirements to maintain the confidentiality, integrity and availability of the IT infrastructure and assets. Services provided are but not limited to:
• Penetration Testing
• Threat Intelligence
• Vulnerability Management
• Support topics on compliance assessment on ISO readiness and data protection
• Cloud Security

The team also provides consulting services by reviewing & approving the security aspects of the existing network setup (Link Request Approvals) as well as system/software architectures (Application Build Recommendations & Change Requests). We believe the recommendation provides the best way to move forward to both strengthening existing security mechanisms and compensating for any inherent security weaknesses.

What you will do:

• Support our projects along the secure development lifecycle in all security related matters
• Provide consultancy and review on secure architectures
• Run penetration tests and facilitate risk based decision making, propose mitigation for issues identified
• Be a subject matter expert for identity and access management within application security consultancy
• Perform recommendations on WAF Security policies as part of application WAF onboarding
• Participate on change and external link management processes by doing technical security reviews
• Communicate regularly to our stakeholders about risk position and mitigation
• Participate on change and configuration management by doing technical security reviews
• Assist and train junior team members

Application you will use:
• Prior knowledge in penetration testing tools such as Burp Suite, HCL App Scan & OWASP ZAP
• Prior knowledge in F5 web application firewall technology

You should have:

• At least 5 years of experience in end to end application consultancy
• Up-to date knowledge about current architecture patterns and application stacks used in application development
• Experienced in WAF security policies implementation & support
• Communication and time-management skills
• Ability to adapt to dynamic threat landscape in a global environment
• Ability to work unsupervised, under pressure and meet deadlines
• Creative with strong commitment to quality and excellence
• Educated to degree level in IT Security, Engineering or equivalent
• Strong analytical skills and efficient problem solving
• Fluency in English

Nice to have:

• Certifications like GIAC family, CISSP, CISA, CEH, CompTIA Security+ or similar
• DevSecOps experience related to application deployments
• Experience with cloud technologies

What we offer:

• Great team of IT professionals and possibility of technical development
• Modern offices in Chodov
• Home office possibilities
• Permanent contract
• Pension plan contribution
• CAFETERIA employee benefit program with wide selection of benefits from Edenred
• Extra week of holiday (25 days/year), 6 Self-sickness days/year, Full salary compensation for up to 10 days absence due to illness per calendar year, Lunch vouchers fully covered by company
• Multisport card, mobile and laptop, fruit days, sport clubs for employees, Referral program……


Miroslav Flaška
Miroslav Flaška
DHL Information Services (Europe) s.r.o.

V DHL ITS jsem zodpovědný za kompletní nábor pro oddělení Solution Delivery,  které zastřešuje například software development, projektový management, technické konzultace nebo systémovou integraci a konfiguraci a za nábor pro oddělení Information Security. Především obsazuji pozice, Architect, Software Engineer, Test Engineer, Project Manager, Consultant a Information Security Engineer.

Víte o někom, kdo by měl o pozici zájem? Sdílejte!