Home

Ensuring the security of our applications is crucial for the success of our business and the well-being of our clients. We are actively seeking an Application Security Engineer with a strong passion for security to become a valuable part of our expanding team. The successful candidate will thrive in a stimulating, dynamic, and inspiring work environment, collaborating with fellow IT professionals to fortify the security of our award-winning applications.
 

The main responsibilities of the position include:

• Implement and support the application security program
• Work closely with development teams to integrate security into the SDLC
• Educate developers on application security risks and mitigation techniques
• Enhance the current security assurance level related to application security through automation, continuous integration pipelines, and other means
• Publish secure coding standards and practices and share the material with development teams
• Perform security architecture and design reviews of systems and applications
• Support processes relevant to vulnerability assessments, penetration tests, and security code reviews of the applications portfolio
• Identify application security risks and support the remediation of findings
• Perform regular security audits of applications
• Work with product management department to ensure features and functionality conform to security requirements

Main requirements:

• BSc/MSc in information security or any other related field
• Minimum 3 years’ working experience in the application security field
• Strong experience working closely with developers and product teams
• Experience with secure coding practices, application security standards, maturity models, and frameworks such as OWASP SAMM
• In-depth knowledge of DevSecOps methodologies
• Hands-on experience in application security practices such as SAST, SCA, and DAST using major platforms such as Gitlab Application Security suite
• Experience in securing web and mobile applications, cloud services, containers, Kubernetes, Serverless, API Gateways, etc
• Experience in penetration testing and vulnerability management
• Experience with various programming languages such as Java, PHP, Angular, Go, Kotlin, etc
• Experience in the agile software development model and integration of security practices
• Strong communication and organizational skills
• Advantage if holding Application Security and DevSecOps certifications such as CEH, CDP, GWEB, or CSSLP

Benefit from:

• Attractive remuneration package plus performance related reward
• Private health insurance
• Corporate pension fund
• Intellectually stimulating work environment
• Continuous personal development and international training opportunities