Application Security Engineer

We are seeking an Application Security Engineer to join our dedicated team, responsible for ensuring the secure design and compliance of our applications and cloud infrastructure.

This role requires a dynamic individual expert in integrating security practices within development pipelines and familiar with the latest security methodologies.

Please note that work from office 5 days per week is required.

Responsibilities

• Collaborate across teams to accomplish complex security objectives
• Design security architecture from cloud infrastructure to application implementing “secure by design” principles
• Work with product managers, architects, and developers to implement security controls within our platform and products
• Validate security implementations in infrastructure, application deployments, and CI/CD pipelines
• Develop and enforce security policies, controls, and capabilities to protect products and environments
• Automate threat model validations
• Engage in product planning cycles and committees within engineering teams
• Manage the migration of products and services to public cloud environments such as AWS
• Serve as a cybersecurity advisor to product and application teams

Requirements

• Minimum of 2 years’ experience in Security Engineering
• Demonstrated experience integrating security scanning and tooling into development pipelines
• Proficiency in analyzing and securing microservices and applications using JavaScript and TypeScript
• Skills in CI/CD pipelines and infrastructure-as-a-code models including Terraform, Helm, or CloudFormation
• Hands-on experience in Python or shell scripting
• Solid understanding of supply chain security, software integrity, and secure software delivery
• Background in Docker and mesh technologies like ISTIO
• Capability to conduct architecture and security reviews, threat modeling, and application risk assessments
• Familiarity with Agile methodologies
• Understanding of privacy laws and regulations, such as GDPR
• Knowledge of industry regulations and frameworks such as PCI, ISO27001, and NIST
• Upper-intermediate proficiency in English (B2+)

Nice to have

• In-depth experience with secure services architecture on Kubernetes
• Extensive experience with secure services architecture on AWS or on-prem data centers
• Security-related professional certifications such as CISSP, CISM, CCSK, CCSP, or CEH

We offer

• We gather like-minded people:
• Engineering community of industry professionals
• Friendly team and enjoyable working environment
• Flexible schedule and opportunity to work remotely within Poland
• Chance to work abroad for up to 60 days annually
• Business-driven relocation opportunities
• We provide growth opportunities:
• Outstanding career roadmap
• Leadership development, career advising, soft skills, and well-being programs
• Certification (GCP, Azure, AWS)
• Unlimited access to LinkedIn Learning, Get Abstract, Cloud Guru
• English classes
• We cover it all:
• Stable income (Employment Contract or B2B)
• Participation in the Employee Stock Purchase Plan
• Benefits package (health insurance, multisport, shopping vouchers)
• Strategically located offices featuring entertainment and relaxation zones, table tennis and football, free snacks, fantastic coffee, and more
• Referral bonuses
• Corporate, social and well-being events
• Please, note:
• The set of bonuses might vary based on the role you apply for – specifics will be discussed with our recruiter during the general interview
• We will reach out to selected candidates exclusively

EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.