Application Security Engineer
Greece
Full Time
3 hours ago
No Sponsorship
Key skills
AWSCloudJ2EEJavaJavaScriptNode.jsPythonSpringUnixShellBashAINodeJSGitHubJiraConfluenceMentoringCommunicationCheckmarxOWASPNetwork SecurityCloud Security
About this role
Role Overview
- Triage vulnerabilities and review security reports coming from application security tools and pentests.
- Lead triaging sessions to determine the impact and risk associated with identified vulnerabilities, develop and supervise remediation actions.
- Consult with the different teams to build security into their platforms and projects as an SME.
- Collaborate with development teams to incorporate security into the software development lifecycle through the implementation of secure coding practices and timely addressing of application security vulnerabilities by prioritising them.
- Conduct/help with security reviews of code to improve the overall security of our applications.
- Contribute in the implementation and automation of new application security products.
- Support, develop and continually improve security automation and orchestration capabilities.
- Leverage AI-assisted tools to support secure code development, accelerate the triaging of security findings, and explore new ways to identify potential vulnerabilities more effectively.
- Create, update and maintain security documentation, tools and integrations that automate or advance team's security objectives.
- Act as an evangelist by promoting security awareness, and staying up-to-date on current development methodologies.
- Supporting and enhancing vulnerability management strategy to identify, assess and prioritise software vulnerabilities across the organisation.
- Update and maintain an accurate inventory of all applications, pipelines, integrations, and other application security assets.
Requirements
- Computer Science Degree or equivalent (BSc or higher)
- 2+ years in enterprise software development or engineering with 2 years of experience in an application security-focused role is required
- In-depth knowledge of web application security and secure coding practices. Basic knowledge of network security, cloud security and cryptography
- Experience with at least one JVM language (e.g. Java) and one more programming language (e.g. JavaScript, nodeJS, Python) as well as related frameworks such as Spring or J2EE
- Experience in mobile application development or security.
- Understanding of web, mobile and cloud applications and architectures, relational and non-relational databases, and containerization
- Experience with at least one DAST, SAST and SCA security scanning tools configuration or automation
- Experience with security reports reviews produced by security scanning tools.
- Experience leveraging AI to enhance application security activities, including source code review, vulnerability discovery, exploitability validation, risk-based triage, remediation guidance and support for writing secure code.
- Strong understanding of supply chain security, software integrity and secure software delivery.
- Knowledge of application security frameworks such as OWASP ASVS
- Knowledge of Unix based OS or/and scripting (e.g. Bash, Shell)
- Excellent communication skills in English (written and verbal)
- Ability to lead online meetings
- Organise and prioritise work effectively, able to adjust in a changing environment
- A desire to learn new skills and develop your existing skillset
- Ability to give and receive constructive feedback in a positive/professional manner
- Enjoy working collaboratively
- Positive attitude and a good sense of humour
- Mentoring and coaching of junior members of the team
- Experience with any of Checkmarx products or GitHub automation would be highly advantageous
- Experience leading triaging calls and process
- Good experience with DAST or API scanning tooling and automation
- Any threat modelling skills
- Some knowledge of AWS would be a plus, but is not required
- Familiarity with Jira, Confluence and Assets
Tech Stack
- AWS
- Cloud
- J2EE
- Java
- JavaScript
- Node.js
- Python
- Spring
- Unix
Benefits
- Be part of a dynamic team with enthusiastic experts that will support your talent and growth
- Embark on a journey within a diverse environment full of opportunities and challenges
- Comprehensive onboarding experience designed to facilitate your smooth transition
- Attractive salary and a bonus plan
- Health and life insurance for you and your family
- Well-being allowance
- Monthly lunch allowance
- Developmental 360° feedback framework
- Unlimited Training options and tools
- Extensive leave plan
- Employee Assistance Program with specialized Counselors / Licensed Psychologists
- Enjoyable and stable working environment
- Flexible working arrangements (fully remote/hybrid)
- Modern workspace environment
- Apple equipment and top-notch office technology to support our hybrid working