Job description
The world’s most advanced VPN, and a whole lot more.
If you’re a curious problem-solver who carves their own path, join the team behind Threat Protection Pro, the NordLynx protocol, and the fastest VPN on the planet—tools that put privacy, security, and control back in people’s hands.
Your impact? Helping millions take back control of their online security, privacy, and data.
Risk Department plays a vital role in protecting the organization, ensuring resilience and security across all operations. By assessing risks, ensuring compliance, and managing security audits, this team helps build a strong and trustworthy foundation.
What You Will Do
- Conduct security reviews of application designs, source code, and third-party libraries;
- Perform regular application vulnerability assessments using both automated tools and manual testing techniques (e.g., SAST, DAST, SCA, penetration testing);
- Collaborate with development teams to design secure architectures and implement security controls;
- Help maintain security tools, scripts, and processes to support secure development;
- Stay current with industry trends, zero-day vulnerabilities, and best practices in application security;
- Develop scripts and security automation tools to enhance application security testing processes;
- Design and deliver training for security engineering awareness & adoption;
- Actively look for internal security gaps within the product or organization overall;
- Ensure mobile/desktop applications are sufficiently tested and support internal and external audits;
What We Expect
- Proven experience in mobile/desktop application security assessment planning, testing, methodologies, and vulnerability reporting;
- Strong understanding of secure coding practices;
- Ability to perform manual security code audit;
- Proficiency in at least one low-level programming language (e.g. C, C++, Rust, Go).Solid understanding of networking protocols such as TCP, UDP and the HTTP protocol;
- Familiarity with debuggers (e.g. GDB, LLDB, WinDbg).Familiarity with reverse engineering tools (e.g. Ghidra, IDA).Solid understanding of memory corruption issues, buffer overflows and related vulnerability classes.
- Familiarity with common authentication and authorization protocols (OAuth, SAML, JWT, etc.).
- Ability to work with networking tools such as Wireshark and tcpdump.
- Ability to quickly assimilate new technologies and tools;
- Sense of ownership with strong problem-solving and investigation skills;
- Ability to build and maintain relationships, influence key stakeholders across the business;
- Bonus points for community contributions like public CVEs, bug bounty recognition, open-source tools, blogs, etc.
Salary range
- Gross Salary 22900 - 32900 PLN/Month
What We Offer
Innovate with industry leaders
Work alongside global experts to build world-leading cybersecurity tools, impacting millions of users around the world.
Learn & grow
Boost your skills via our extensive training programs (online and offline) & other resources. Benefit from mentorship and career-switch opportunities to grow within the company.
Hybrid work
Enjoy the flexibility with 3 office days and working from home for the remaining 2.
Work from anywhere
Recharge with a change of scenery – choose work from any location when you feel a need to power your creativity and drive.
Physical well-being
Fuel your active lifestyle with online workouts led by our Physical Well-Being experts.
Mental & emotional health
Nurture your mind with free psychologist consultations, dedicated mental health events, and premium access to top-rated wellness apps like Calm, Headspace, and Mindletic.
Premium healthcare
Receive private health insurance giving you peace of mind for your health needs.
Joyful moments – special treats
Celebrate life’s big moments with special gifts from us on your birthday, anniversary, and other major events, such as weddings or the arrival of a new family member.
Company events & team-building
Experience iconic Nord Security celebrations, team-buildings, and knowledge-sharing events, nurturing bonds that fuel our success.
Workation
Embark on a legendary company getaway abroad, filled with exciting activities, live concerts, engaging workshops, and epic time together.
Kindly refer to our Privacy Notice for Recruitment Candidates for comprehensive information regarding our data handling procedures throughout recruitment processes: https://bit.ly/40GWyjL
We expect all candidates to provide accurate and complete information during the recruitment process. While limited use of AI tools to refine application materials is acceptable, candidates remain fully responsible for ensuring that their submissions reflect their own qualifications, skills, and experience. Any failure to do so may negatively affect participation in the recruitment process. If broader AI assistance is allowed for a particular role or stage, we’ll let you know in advance.
By submitting your application, you acknowledge that it may be processed using automated tools for evaluation purposes. As part of our recruitment process, we may use an AI-based application review tool to help assess applications based on skills and experience relevant to the role. This technology is used to support - not replace - human decision-making, and every application is ultimately reviewed by a recruiter.
If you would like more information about how AI is used in this process or wish to exercise your rights under applicable data privacy laws, please contact us at [email protected]. Should you prefer to opt out of the automated evaluation, please submit your application directly to [email protected].
