Lead Application Security Engineer
Security
EPAM Systems

Gdańsk
Type of work: Full-time
Experience: Senior
Employment Type: B2B, Permanent
Operating mode: Remote

Tech stack

    Security: advanced
    OWASP: advanced
    Python: nice to have

Job description

Online interview

We are in search of a Lead Application Security Engineer to become a part of our team. The preferred candidate should possess a background in software development along with substantial experience in application security.


In this role, you will be accountable for overseeing the application security program for a worldwide investment company. In addition to enhancing security practices, you will be required to conduct root-cause analyses on identified issues.


It is a fully remote position offering you the flexibility to work from any location in Poland, whether it's your home or one of our well-equipped offices in Gdansk, Katowice, Krakow, Lodz, Warsaw, or Wroclaw.


WHAT YOU’LL DO

  • Oversee the Application Security program
  • Conduct threat modeling activities
  • Collaborate with teams to prioritize issues and provide explanations regarding the nature of problems
  • Manage processes such as remediation, mitigation, reporting, and cadence
  • Address troubleshooting needs when tools encounter issues or when the team faces onboarding challenges
  • Perform SAST, SCA, IaC, DAST, and API security scans on internally developed code using tools such as Checkmarx, CheckmarxOne, and SonarQube
  • Evaluate scan results to distinguish between true positives and false positives
  • Work closely with developers to understand results and determine optimal patch options
  • Provide guidance on the intricacies of configuring pipelines in Azure DevOps (ADO) for automating the scanning process


WHAT YOU HAVE

  • 5+ years of experience in Application Security
  • Expertise in OWASP Top 10
  • Strong understanding of Security Programs
  • Knowledge of Python is a plus


NICE TO HAVE

  • Familiarity and experience with scripting languages (Bash)
  • Background in Vulnerability Management


WE OFFER

  • We gather like-minded people:
      • Friendly team and enjoyable working environment
      • Engineering community of industry professionals
      • Flexible schedule and opportunity to work remotely within Poland
      • Chance to work abroad for up to 60 days annually
      • Relocation within our 50+ offices


  • We provide growth opportunities:
      • Outstanding career roadmap
      • Leadership development, career advising, soft skills and well-being programs
      • Certification (GCP, Azure, AWS)
      • Unlimited access to LinkedIn Learning
      • Language classes on English and Polish for foreigners


  • We cover it all:
      • Stable income (Employment Contract or B2B)
      • Participation in the Employee Stock Purchase Plan
      • Referral bonuses
      • Benefits package (health insurance, multisport, shopping vouchers)
      • Strategically located offices featuring entertainment and relaxation zones, table tennis and football, free snacks, fantastic coffee, and much more
      • Corporate and social events


We may contact chosen candidates only