Application Security Engineer

Location Sofia OR Fully Remote
Job Type Permanent
Salary Dependent On Experience
Reference 29878

SECURITY ENGINEER

My client is on the lookout for a Security Engineer with a good understanding of HTTP protocols,  who is ready to step up their career and reap the rewards with a top end payments company!

They are on a mission to simplify payment solutions and make them exciting and enjoyable. If you're interested in FinTech as the emerging industry that revolutionizes everyday finances.

 

  • Maintain current knowledge of security threats and vulnerabilities that could impact the product and technology stack components, and help development and product teams identify solutions that meet security requirements
  • Participate in design and requirement reviews and provide design solutions that allow the application to maintain security without losing functionality

  • Provide subject matter expertise on secure design & coding practices, assist in building and rolling out related guidelines and standards, perform manual source code reviews for high risk components

  • Evaluate and operationalize security tools by integrating with the development environment

  • Conduct application-level penetration testing and independent reviews of source code

    repositories

  • Review and improve security architecture of the product

  • Perform security assessments of the applications on a recurrent basis to ensure security requirements are being met. Providing security sign-off of applications being moved to live environments

  • Conduct source and dynamic application security reviews in relevant languages

  • Define security test cases during test automation and develop new tools to improve the security

    of the applications


    What they expect

  • Development background

  • Experience in a similar Information Security position

  • Customer-oriented person, with the ability to educate and influence a technical audience on Application Security matters

  • Experienced in relevant development languages (Java, C/C++, Perl, Python, PHP, .NET)

  • Good understanding of HTTP protocols, security controls, API design and security testing


    Experience in the following areas

  • Understanding of cryptography

  • A good understanding of Android

  • Penetration testing consultancy

  • Source code reviews

  • Vulnerability management

  • Application security assessments (source code and dynamic)

  • Automation

  • Vulnerability research

  • Security tool development

  • Experience with static source-code analyzers

  • Experience with dynamic application security testing tools

  • Experience with Web-Application Firewalls (WAF)

  • Software and protocol reverse engineering

Apply Now