#1 Job Board for tech industry in Europe

Security Engineer
Security

Security Engineer

Type of work
Full-time
Experience
Senior
Employment Type
B2B
Operating mode
Hybrid

Tech stack

    Security standards

    advanced

    security assessment tools

    advanced

    English

    advanced

    DevSecOps practices and tools

    regular

    Python

    regular

Job description

Online interview

Profile of the Perfect Candidate:


The ideal Senior Application Security Engineer is a seasoned professional with a comprehensive understanding of secure software development practices, including threat modeling, code reviews, and vulnerability management. They are well-versed in current security tools, technologies, and best practices. The candidate should possess a proactive approach to security, staying up-to-date with the latest threats and trends in cybersecurity. They should be comfortable working in a fast-paced environment, collaborating with cross-functional teams, and communicating complex security concepts to both technical and non-technical stakeholders. Strong analytical skills, attention to detail, and a passion for continuous learning and improvement are key attributes of the perfect candidate.


Key Responsibilities:


  • Secure Software Development: Collaborate with development teams to integrate security into the software development lifecycle, ensuring secure coding practices and tools are effectively used
  • Vulnerability Assessment and Management: Conduct regular security assessments, including static and dynamic code analysis, and vulnerability scanning. Help teams identify, prioritize, and remediate security vulnerabilities in web and mobile applications
  • Security Architecture and Design: Work closely with architects and engineers to teach them how to design secure applications and systems, focusing on threat modeling, security patterns, and best practices
  • Incident Response: Provide expert support to the teams during potential security incidents, including analysis, containment, and remediation of security breaches and vulnerabilities
  • Security Awareness and Training: Develop and deliver security awareness training for development and engineering teams, promoting a culture of security-first development
  • Policy and Compliance: Ensure compliance with security policies, standards, and regulatory requirements across all stages of the software development lifecycle
  • Continuous Improvement: Stay current with emerging security threats and vulnerabilities, and continuously evaluate and improve security processes, tools, and technologies
  • Collaboration and Communication: Act as a liaison between development teams and security, fostering a culture of security awareness and best practices across the organization


Requirements:


  • Educational Background: Bachelor’s or Master’s degree in Computer Science, Information Security, Cybersecurity, or a related field
  • Experience: 4-5 years of experience in application security or a related field, with at least 2 years in a senior or lead role


Technical Skills:


  • Proficiency in security assessment tools and scanners (e.g., BlackDuck, Nexus IQ, OWASP ZAP, Fortify, Sonarqube)
  • In-depth knowledge of secure coding practices and security standards (e.g., OWASP, NIST)
  • Experience with programming languages (e.g., Python, Java, .NET) and scripting
  • Familiarity with DevSecOps practices and tools (e.g., Jenkins, Docker, Kubernetes, CI/CD pipelines)
  • Certifications: Relevant certifications such as CISSP, CEH, OSCP, or GWAPT are highly desirable


Soft Skills:


  • Excellent communication and interpersonal skills
  • Strong problem-solving and analytical abilities
  • Ability to work collaboratively in a cross-functional team environment
  • Mindset: Proactive, self-motivated, and passionate about staying current with the latest trends and threats in cybersecurity


Offer:


  • Location: Wrocław (1 day a week from the Client's office)
  • B2B contract via Experis
  • MultiSport Plus
  • Group insurance
  • Medicover Premium
  •  e-learning platform