Application Security Engineer

We are looking for an Application Security Engineer to join our IT Research & Development team within the Trevolution team in Dyninno Group’s travel division.

Trevolution is a global leader in air ticketing and travel services, serving retail and corporate clients in 50+ markets. With over 20 years of expertise and an entrepreneurial spirit at our core, we combine modern tech with a customer-first approach to simplify travel. We partner with 70+ airlines, offering a full booking experience with expert support – focused on value and convenience. Our products, including online sales, call bookings, and semi-OTAs, are continually expanding to meet market trends.

In this role, you will work closely with engineering teams to help add security to the development process. You will be working in an automation-driven environment, contributing to solutions built from scratch, especially including AI-driven initiatives, and helping secure a large ecosystem of services. This is a hands-on role for someone who understands code, thinks like a developer, and approaches security as an enabler, not a blocker.

What Makes This Role Interesting:

• Opportunity to work on AI-driven solutions from idea to production.
• A role focused on real impact rather than rigid titles or processes.
• Work across a wide range of systems, technologies, and challenges.
• High level of ownership and ability to shape how security is implemented.

Responsibilities:

• Integrate and optimize security tools (SAST, SCA, Secret Scanning, etc.) into CI/CD pipelines (GitLab, Jenkins).
• Review and validate security findings, making sure developers focus on real, important issues.
• Perform threat modeling and review system architecture to identify risks beyond automated tools.
• Analyze code to detect and understand security vulnerabilities.
• Collaborate with engineers and Tech Leads to implement secure, practical solutions.
• Promote secure coding practices through guidance and knowledge sharing.

Requirements:

• Ability to read and understand code (PHP, Node.js, or Golang preferred).
• Experience in software development or application security.
• Knowledge of OWASP Top 10 (XSS, SQLi, IDOR, etc.).
• Familiarity with CI/CD tools such as GitLab or Jenkins.
• Experience with security tools like Semgrep, SonarQube, Trivy, or similar.
• Understanding of secure coding practices and threat modeling.
• Strong communication skills and a practical, collaborative mindset.
• We believe great ideas happen together, so you’ll join us in a hybrid setup: 3 days in our lovely office and 2 days working remotely.

There is no one-size-fits-all here; we are quite flexible and use an individual approach with every candidate we meet. While getting familiar during our interview, we try to understand where your working experience, professional skills, and future contribution to the company can be applied within our multiple business projects.

We don’t want to set any limits, but if we are naming the numbers, then the compensation for this position starts from 5000 EUR gross per month.

With us, you will:

• Be a part of a top-tier team of professionals, work on global projects that reach millions worldwide, and create complex, one-of-a-kind in-house products and solutions.
• Learn and exchange ideas in lectures and workshops led by colleagues and team leads.
• Get health benefits: fully covered health insurance after the end of the trial period (dentistry, out-patient treatment, mental health, medicine, etc.), well-being activities, vaccination days.
• Enjoy employee discount programs and have fun at monthly internal activities and celebrations.
• Work from a modern and well-equipped office in the center of Riga, with parking spaces for bikes and scooters, fresh fruits, and coffee daily.

We thrive in a dynamic global culture where collaboration and a competitive, sales-focused mindset are key, always empowering our team to seize learning and growth opportunities.

Ready to bring new energy into travel with us? Join us!

Please note that the processing of your personal data takes place in accordance with the privacy notice, which could be found here - https://dyninno.com/en/privacy-notice-latvia/

Personnel selection is provided by the competence center of the Dyninno group DYNATECH LLC, Reg. No. 40203110019, address: Jeruzalemes Street 1, Riga, LV-1010, license issued by the SEA for the provision of work placement services No.61/2021 (17.11.2021.)