Application Security | AppSec Engineer

We are a leading trading platform that is ambitiously expanding to the four corners of the globe. Our top-rated products have won prestigious industry awards for their cutting-edge technology and seamless client experience. We deliver only the best, so we are always in search of the best people to join our ever-growing talent team. 

We are currently looking for an experienced AppSec Engineer to join our Application Security team.

Responsibilities:

• Perform web and mobile application security testing. Security code review
• Be involved in the design phase of the Software Development Life Cycle, embedding the security architecture principles
• Think of and implement new ways to automate and improve security across the business
• Manage bug bounty program and drive different program initiatives
• Advise developers about secure coding practices and monitor the elimination of identified vulnerabilities

Requirements:

• More than 3 years of experience in the information security field
• Experience in performing security testing, such as code reviews and web application security testing
• Knowledge of important security aspects, including OWASP Top Ten, and secure coding best practices
• Experience with at least one programming language. An ability to automate and script your work, e.g. python, bash scripts
• Solid understanding of the technology stack and passion for problem-solving

Nice to have:

• Participation in bug bounty programs and security research
• Relevant security certifications

Skills / Stack we work with:

• Web Application Security: OWASP Top 10, OWASP ASVS, SecSDLC
• Security Testing: Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), Penetration Testing
• Languages & Frameworks: Python, Java, JavaScript, Angular
• Cloud Security: AWS, container security (Docker, Kubernetes)
• Vulnerability Management: Burp Suite, Nessus, DefectDojo
• CI/CD Integration: Jenkins, GitLab CI/CD
• Bug Bounty Platforms: Familiarity with platforms like Intigriti, HackerOne, Bugcrowd

What you get in return:

• You will join the company, that cares about work and life balance
• Annual Bonus based on the performance review cycle
• Family Medical Insurance, Pension fund, MyBenefit system and Multisport for CoE
• Generous Annual Leave Policy (both for B2B and CoE)
• Hybrid working model with flexibility when it comes to remote working
• Possibility of taking two additional days of paid leave per year to dedicate to volunteering efforts.

Be a key player at the forefront of the digital assets movement, propelling your career to new heights!

Join a dynamic and rapidly expanding company that values and rewards talent, initiative, and creativity.

Work alongside one of the most brilliant teams in the industry.