This role is closed!
Application Security Engineer (Middle or Senior)
Essentials
Job title: Application Security Engineer
Location: Bucharest, Hybrid
Type: employment contract
Offer
Contributing to a high scale, complex, world renowned product and seeing real-time impact of your work on millions of people worldwide
Working in a fast-paced and performance driven culture
Technical, behavioral and interpersonal competence advancement via on-the-job opportunities, experimental projects, hackathons, conferences and active community participation
Competitive compensation and benefits package
Vast amounts of data to validate your ideas and the opportunity to experiment with real users
Client
Our client is a new established Center of Excellence based in Bucharest, Romania and was created to support the increasing business.
The Center of Excellence provides access to specialized and highly skilled talent, leading industry best practices, and collaboration opportunities across all our client brands. As part of our client’s Romania team, you will have the opportunity to be a part of the world’s leading provider of online travel, with a mission of making it easier for everyone to experience the world through six-primary consumer facing brands.
Role
Our client is seeking a highly talented and motivated application security engineer to drive initiatives that protect the security of our customers. This is a high impact role, offering the opportunity to work with the latest technologies in an environment that encourages original thinking and new approaches. You will be responsible for the security of our customer’s data, restaurant’s systems and our employee’s interactions with our infrastructure.
The ideal candidate will share our passion for engineering while maintaining the integrity and security of our data.
The application security engineer is responsible for validating that application services are designed and implemented with high security standards. The role analyzes the security of applications in tandem with their underlying services, including connected dependencies such as middle-tier systems and databases. Additionally, the application security engineer addresses legacy and emerging security issues, and implements repeatable secure development practices to reduce the introduction of program design flaws that may lead to exploitation. As issues are uncovered, the application security engineer communicates with the appropriate technical and leadership teams to ensure a focus on risk mitigation – allowing for business continuity, but without negligent risk.
Application security engineers are constantly assessing applications for weaknesses and finding resolutions before they can be abused.
This position is also responsible for assessing the security of applications for business-to-business initiatives, third-party relationships, outsourced solutions and vendors, application development. Considered a highly knowledgeable individual, the application security engineer is expected to recommend programmatic controls, and monitor and manage secure development practices to address modern day issues.
Responsibilities
Help the organization evolve its application security functions and services
Threat modeling, design reviews and consulting for teams throughout the company
Work with the product team to drive business enablement through requirements gathering and risk analysis
Perform validation of security controls to insure adherence with compliance and industry best practices
Translate vulnerability analysis results into actionable remediation and mitigation steps
Collaborate with Offensive Security and Threat Intelligence teams to identify novel vulnerabilities
Build tools to simplify and automate Application Vulnerability Management processes
Take a leadership role in working across the company on security projects
Assess and implement vendor security solutions that support our mission, application development
Requirements
4-7 years of combined Information Security or Information Technology Experience
B.S. or M.S. Computer Science or a related field, or equivalent experience
You have a breadth of knowledge and experience in application, infrastructure and systems security domains
You are a fast learner and have experience partnering with cross-functional teams
You have experience managing a bug bounty program, including triaging and providing strategic recommendations to engineering leads
Technical certifications within information security are a plus (CISSP, CCSP, OSCP, eLearn Security or equivalents)
Hacker mindset, passion for security always strive to think like an attacker
Professional development experience
Excellent written and oral communication skills
Vulnerability and penetration-testing skills
Excellence in communicating business risk from cybersecurity issues
Proficiency in software development (Java, JS, Go, Python, C++, Ruby, etc.)
Solid understanding of network and web protocols
Experience with security of intra-company and third-party APIs
Experience with dynamic and static analysis tools
Operate with a high level of independence with the ability to act as a mentor to junior Cybersecurity Engineers
Strong communication skills are required as well as the ability to work both independently and with a team
Experience with applied cryptography including PKI, SSL, and key management
Experience with access and identity management
Experience with SIEM and log management
Apply today
If you meet the minimum requirements and are interested in applying for this position, please send your details to careers@key-talents.com with “Application Security Engineer”, in the subject line.