Offer summary

Qualifications:

10+ years of experience in cybersecurity with a focus on application security., Proficiency in security assessment tools and scanners such as Semgrep and Fortify., Deep knowledge of application vulnerabilities and secure coding practices., Familiarity with DevSecOps practices and security certifications like CISSP or OSCP is a plus..

Key responsibilities:

Enhance application security by applying best security engineering practices.

Integrate security into the SDLC while collaborating with development teams.

Conduct assessments using modern security tools to identify vulnerabilities.

Develop secure coding guidelines and support secure architecture decisions.

Job description

Are you ready to take on a challenging role in a global enterprise and contribute to the security of cutting-edge applications?

Project Overview:

We are looking for a highly skilled Senior Security Engineer with deep technical expertise and a passion for secure coding and mentoring. This is not an architect-level position, but rather a hands-on engineering role focused on strengthening the security posture of our applications. You will be joining an international team, collaborating across time zones, and expected to work independently on complex security challenges.

Responsibilities:

Enhance the security of applications by applying best-in-class security engineering practices.
Integrate security practices into the SDLC by working closely with development teams using languages such as Java, .NET, Python, JavaScript.
Conduct in-depth assessments using modern security tools such as Semgrep, BlackDuck, Nexus IQ, ZAP, Fortify, and SonarQube.
Identify, mitigate, and fix application vulnerabilities in alignment with OWASP Top 10 and OWASP ASVS standards.
Develop and promote secure coding guidelines, conduct code reviews, and support secure architecture decisions.

We are happy to hear from you if you have:

10+ years of experience in cybersecurity, with a strong focus on application security
Proficiency in security assessment tools (e.g., ASPM platforms) and scanners (e.g., Semgrep, BlackDuck, Nexus IQ, ZAP, Fortify, SonarQube).
Deep knowledge of common application vulnerabilities and threats (e.g., OWASP Top 10), along with mitigation and remediation techniques.
Strong understanding of secure coding practices and security standards (e.g., OWASP ASVS, NIST).
Hands-on programming experience with languages such as Python, Java, .NET, JavaScript, C, or C++, as well as scripting.
Familiarity with DevSecOps practices and tools (e.g., Azure, Jenkins, Docker, Kubernetes, CI/CD pipelines).
Security certifications such as CISSP, OSCP, or GWAPT - nice to have
Strong problem-solving and analytical skills.
Ability to work independently in an international team.
Strong problem-solving skills and ability to advise on security best practices.

You will love to join this company for: