About Us
We are a leading provider of software solutions for risk management, credit rating and scoring as well as regulatory reporting in South-East Europe. Join us as we embark on a number of exciting projects with global fintech leader and digital banking pioneer N26. As we look to expand our team of mobile app developers, UI specialists, web designers and more, we look forward to welcoming you on board for a new and exciting opportunity in partnership with The Mobile Bank.
We are looking for an Application Security Engineer to join our team to help us build the best, secure and compliant banking applications. The ideal candidate should use their experience, best practices, willingness to learn and a collaborative attitude to help drive application security initiatives.
Responsibilities
- Integrating security into the development of applications
- Working closely with product and software development teams to threat model, vulnerability scan and penetration test the early software while identifying the required control points in the application stack
- Working closely with developers to diagnose, document and remediate security vulnerabilities
- Implementation, configuration and monitoring of application security tools and technologies in a cloud environment
- Evaluating, recommending and implementing security-related software in the SDLC
- Keeping up to date with latest security threats and vulnerabilities and training developers in security best practices
Qualifications
- 2+ years experience in software development, security, devops, QA, engineering or related positions (we encourage candidates in related roles that want to get into application security, to apply)
- Understanding of Continuous Integration /Testing /Delivery
- Organized, responsive problem solver
- Ability to effectively communicate and to teach to developers and leadership
- Familiarity with security principles, methodologies, and best practices
- Proficiency in spoken and written English
- Willing to learn security aspects of application development
Nice to have
- Proficiency in primary development language
- Thorough knowledge of application security frameworks (OWASP Top 10 & ASVS, SANS/CWE, NIST publications)
- Knowledge of applications security tools (SAST, SCA, DAST, Burp suite)
- Experience with Amazon Web Services (AWS) services & API security
- Familiarity with Vault or other secret management and key management solutions
- Familiarity with scripting and automation skills, implementing in Python, Bash, Go or similar languages
- Organizational skills, attention to details, trustworthiness, willingness to speak up, proactiveness, persuasiveness
- Note: You don’t have to know all the mentioned tools as appropriate training is planned for prospective candidates
Benefits and compensations
- Working with smart and kind people who happen to be world-class professionals
- Job-specific training and workshops
- Nicely designed office interior in the city center
- Competitive salary
- Private healthcare
- Full-time contract
- Flexible working hours and remote work policy