This ad was taken from the employer's website, and the HelloWorld site does not guarantee that it is up to date.

Application Security Analyst

Luxoft d.o.o.


online interview


Project Description

We are a team of Application Security enthusiasts who have been helping create secure applications for a huge telecom provider in Europe for over 15 years.

We know how to break apps and how to make them unbreakable.


  • Development of security requirements at early stages of the product life cycle.
  • Preparation of test scenarios for an audit that are based on business requirements, technical documentation for a project and a list of affected systems.
  • Identification of defects and vulnerabilities in new and existing software products using the following methods:
    • Static code analysis (mainly Java and J2EE applications, iOS and Android mobile apps) using HPE-MicroFocus Fortify SCA;
    • Dynamic code analysis and scanning for vulnerabilities using Burp Suite and OWASP ZAP;
    • Manual penetration tests on software products deployed on a test environment.
  • Development of recommendations for software developers for addressing the security flaws identified.
  • Optimization and automation of the audit process.
  • Configuration (creation of new rules) of SAST and DAST tools.


Must have

  • Understanding of architecture and working principles of modern web applications.
  • English level: Intermediate.
  • Higher education in IT.
  • Strong knowledge of basic concepts of information security.
  • Strong knowledge of defect types (CWE/SANS Top 25 Most Dangerous Software Errors), vulnerabilities and information security risks in web and mobile applications (OWASP Top 10), as well as ways of detecting and mitigating them.
  • More than 2 years of working experience as an Application Security Engineer or in a similar position (Penetration testing, etc.).
  • Strong knowledge of programming languages (Java) and scripting languages (Python, PowerShell, Bash).

Nice to have

  • Relevant information security certifications: OSCP, CEH, OSWE.
  • Knowledge of/experience with international information security standards and personal data protection standards: ISO 27XXX, PCI DSS, GDPR, etc.
  • Knowledge of/experience with information security standards and frameworks: SAML, OAuth, WS-Security, X.509, JAAS, SSL/TLS, OpenSSO, OpenIAM, etc.
  • Experience in CTF or bug bounty programs.
  • Experience in web or mobile app development.

Get to know Luxoft

Luxoft, a DXC Technology Company, is a digital strategy and software engineering firm providing bespoke technology solutions that drive business change.

Acquired by U.S. company DXC Technology in 2019, Luxoft is a global operation in 44+ cities and 25+ countries with an international, agile workforce of 18,000+ people. It combines a unique blend of engineering excellence and deep industry expertise, helping 420+ global clients innovate in the areas of automotive, financial services, travel and hospitality, healthcare, life sciences, media and telecommunications. 

Serbia is a growing international IT hub and a new market for Luxoft. As a key location for the company, Luxoft Serbia participates in a range of global projects for the world’s largest brands. We empower our clients with deep domain knowledge and smart solutions as we develop the software of the future across diverse areas of everyday life.

Work experience review

Review · 11.08.2022

Senior Recruiter

Overall impression

Does not recommend
Currently employed on a permanent contract · Less than one year

Luxoft is a large international company and they really have very well developed processes. The team is very kind and everyone is ready to share knowledge. Since we all mostly work from home, we also received the most modern work equipment. In addition, they have a large e-learning platform where you can learn literally everything. A big advantage...


I currently have no complaints. Everything is better than I expected.


Luxoft offers unlimited opportunities for professional and personal growth

Global Relocation

Internal Mobility

Work from Anywhere


Luxoft Training Center

Educational Programs for Current and Future Managers

BRIDGE Mentorship Program

English Language Lessons

Library for Self-Education

Recognition and Evaluation

Thomas DISC Assessment


