We are searching a security testing expert or security analyst, with experience in auditing web applications and ethical hacking projects, for our company security Research & Security team. Scytl performs the Security Assessments of its own solutions, in an integrated manner with the Development team and lifecycle, working together with the cryptographic analysts, and digging as deep as possible into the Software by working on a white box approach at source code level (mainly Java and JavaScript). The candidate would be the technical reference for the others Security Testing Analysis of the R&S team. The main tasks will be: -Security assessment of our own software solutions, mainly web applications / electronic voting platforms. -Security assessment of third-party platforms such as partners and third-party components. -Integration with the Software Development Team and Quality Assurance Team for in the definition and control of the company “Secure Software Development Life Cycle” (S-SDLC) strategy. -Intensive web application testing, automated vulnerability assessments, source code analysis for security testing purposes, and penetration testing in general. -Automate the security tests and integrate the automated testing environments within the S-SDLC process. -Research for security vulnerabilities in opensource applications. -Research for new defensive security mechanisms related to software. -Participation in the research, analysis and design of new advanced security mechanisms for the company developed solutions. -Participation in the publication and diffusion (e.g., conference presentations) of the research effort results and contribution of the company in security matters. Requirements: -A person with high-interest in developing his/her career in computer security, with a strong security mindset. -Computing or Telecommunications Engineer / BSc are preferred; other university studies such as Physics or Mathematics are accepted. -Minimum 4-5 years of experience in Security Audits, mainly performing web application audits. -Enough programming knowledge to prepare scripts, automatize tests, create the applications that might require for the tests, and understand software source code. -Knowledge of methodologies and security standards such as OWASP, OSSTMM, CWE/SANS. -Experience in using automated security testing tools. -Team working skills. -Fluent in technical English, spoken and written. -Occasionally, availability for international travels. Extra points for: -Previous experience in Security Services firms (advisory or audit). -Security certifications such as CEH, CISSP, or OCSP. -Experience in using HP Fortify SCA. -Knowledge of Software Engineering or experience working in software development companies. -Knowledge of basic cryptography: symmetric and asymmetric cryptography, and communications protocols. -Experience in System Administration and Web Application Firewalls. -Other languages are an advantage. Job Advantages: -International working environment. -Creative and results focused team. -Opportunity to be part of the worldwide leader in its market. -Great office in Barcelona center.