Application Security Engineer

We are seeking an Application Security Engineer to join our AppSec team and work on very exciting projects. This is a well-paid remote role that offers an exceptional opportunity for growth and becoming an expert in application security.

Responsibilities:

• Perform different kinds of security assessments of customer applications. Including penetration testing, Threat Modeling and Secure Code Review.
• Analyze applications and generate vulnerability reports containing effective mitigation strategies.
• Analyze code security scan results, like SAST and DAST reports.
• Collaborate with customers to customize and tailor software security solutions to their environment.
• Collaborate with vendors in the community to identify and address flaws in software projects.
• Develop and enhance a DAST tool for multiple web application contexts.
• Collaborate with the engineering team to share knowledge and insights on various aspects of application security.
• Help enable the secure development of new features for customer applications.
• Perform security code reviews.

Your profile:

• At least 1 year of experience in application security or security research, demonstrating a strong understanding of application security attacks, vulnerabilities, and mitigation techniques.
• Strong knowledge in common Web Application security vulnerabilities (OWASP TOP10, SANS 25, etc.).
• At least 1 year of experience with Penetration Testing and Secure Code Reviews.
• Proficiency in 2-3 programming languages, such as Java, C#, Go, JS, Python, PHP, Ruby, etc.
• Language-agnostic approach to vulnerability identification in source code, capable of reading and identifying vulnerable parts in multiple programming languages.
• Knowledge of computer networks and cloud infrastructure.
• Excellent written and verbal communication skills in English.
• Customer-centric mindset.

Nice to Have:

While not mandatory, the following qualifications are desirable:

• BSc or BA in Cyber Security, Computer Science or a related field.
• Experience working with development teams.
• Previous experience with bug bounty research or published advisories/exploits for discovered 0day vulnerabilities in applications.
• Experience with Threat Modeling and Architecture Reviews of web applications.
• Knowledge of Secure Software Development Life-Cycle requirements.

What We Offer:

• Opportunity for Growth: We are committed to enabling your professional development, allowing you to grow and excel in your career.
• Expertise Development: We encourage individuals who are eager to challenge themselves and become experts in application security.
• Focus on Learning and Achievement: As part of a company dedicated to application security, you will have a unique environment where you can truly focus on learning, growth, and achieving your goals.
• Advancement Opportunities: We offer a genuine opportunity to advance in the field of Application Security. As you progress, you can aspire to become a Senior Engineer or even a Team Lead in our disruptive and forward-thinking company.

If this role excites you but you are concerned about not meeting all the requirements, please submit your application anyway. We would love to connect with you!

Join our team today and be a part of our journey to reshape the Application Security industry. Apply now!

Our recruiting process consists of...

• Send us your updated CV
• First interview (30 min)
• Technical Assessment
• Second interview (30 min)
• Offer
• Contract signing