Lead Security Engineer

We are seeking a skilled and experienced Lead Security Engineer to drive the secure design, implementation, and evolution of a scalable, decoupled architecture that enables technological progress and supports new digital business initiatives.

This role will engage closely with development and platform teams, delivering impactful security solutions to safeguard applications and cloud-native systems.

Responsibilities

• Perform in-depth security reviews of application architectures, designs, APIs, and cloud-native solutions across products and services
• Conduct threat modeling exercises to identify risks early in the software development lifecycle
• Collaborate with development teams to integrate security controls into product features, APIs, and cloud environments
• Define and promote secure coding standards tailored to various languages and technology stacks
• Provide actionable guidance on mitigating OWASP Top 10, CWE Top 25, and other critical security risks in web, API, and cloud-native applications
• Support vulnerability management workflows, triaging findings from SAST, DAST, and SCA tools
• Strengthen DevSecOps pipelines by integrating security testing with SAST, DAST, secrets scanning, or container scanning
• Validate the security of hybrid cloud/on-premises architectures and SaaS integrations with platform and cloud engineering teams
• Contribute to the development of application security policies, secure architecture patterns, and baseline configurations
• Deliver training to engineering teams on secure design patterns, secure coding techniques, and common pitfalls
• Assist in incident response by analyzing product vulnerabilities and addressing application-level security incidents

Requirements

• 3-4 years of hands-on experience in application security, secure software development, or security engineering
• Strong technical expertise in securing cloud-native (AWS/Azure/GCP) and on-premises applications
• Competency in secure application design, architecture patterns, and web security protocols like HTTPS/TLS, CORS, and CSP
• Advanced knowledge of OWASP Top 10, CWE Top 25, and exploit mitigation techniques
• Proficiency in API security, including OAuth 2.0, OpenID Connect, and API Gateway protections
• Expertise in using SAST, DAST, SCA tools with experience guiding remediation based on results
• Skills in building or enhancing DevSecOps pipelines with GitLab CI, GitHub Actions, Jenkins, or similar tools
• Background in threat modeling and conducting security design reviews across application layers
• Familiarity with Identity and Access Management (IAM) best practices
• Experience with enterprise architecture principles and secure IT ecosystem integration
• Communication skills to translate technical risks for diverse audiences and mentor engineering teams
• Collaborative mindset, with a proven ability to work across globally distributed teams

We offer

• With us you can:
  • Work on a flexible schedule remotely or from any of our comfortable offices or coworking spaces in Ukraine
  • Receive the necessary equipment to perform your work tasks
  • Change projects and technology stacks within EPAM
  • Gain experience in various business domains (Insurance, E-commerce, Healthcare, Finance, Travelling, Media, Artificial Intelligence, and more)
  • Relocation opportunities may be available for eligible candidates, depending on the role and openings at other EPAM locations
  • Participate in volunteer, charity programs and communities (both technical and interest-based)
• We focus on your professional growth:
  • You can plan your individual career path together with your manager
  • Receive regular feedback from colleagues
  • Improve your English for free with certified teachers (Speaking Clubs, client interview preparation courses, etc.)
  • Get the opportunity to undergo free training and certification in AWS, GCP, or Azure Clouds
  • Use the internal E-learn training program (18,200+ specialized training and mentoring programs)
  • Access corporate accounts on LinkedIn Learning, Get Abstract and other partner resources
  • Study at EPAM Solution Architecture School with the instructors who are practicing architects
  • Develop as a leader, join Delivery Management, Resource Management, Leadership Essentials school and more
  • Participate in internal communities (500+ meetups, technical discussions, brainstorming sessions, online events and conferences annually)
• What we offer:
  • Vacation and sick leave (including a sick leave without a medical certificate)
  • A wide range of Voluntary Medical Insurance programs providing both medical treatment and various preventive options (including sports activities)
  • Medical insurance for family members at corporate rates
  • Company support during significant life events (childbirth or adoption, marriage, etc.)
  • Support for psychological comfort: discounts on services from mental health specialists or coaches, thematic training
  • E-kids program - a free programming language training program for EPAMers' children

Kindly be advised that the set of benefits, including learning, certification, and other opportunities, may vary depending on the role you apply for. Our recruiter will be able to share more details about the specific opportunity during your general interview.

EPAM strives to provide its global team of over 62,350 professionals in more than 55 countries with opportunities for professional growth from day one of collaboration. Our colleagues are the source of EPAM's success, so we value cooperation, strive to always understand our clients' business and aim for the highest quality standards. No matter where you are, you will join a dedicated, diverse community that will help you realize your potential to the fullest.