Responsibilities:
- Developing and supporting Secure Software Development Life Cycle methodology.
- Developing and supporting Vulnerability Management, from methodology to tools.
- Implementing static application security testing (SAST), configuring rules.
- Implementing tools for, conducting and automating dynamic application security testing (DAST).
- Developing strategies for and conducting Penetration Testing for developed applications.
- Preparing the environment for and participating in PA SFF certification.
- Collaborating with the Security Officer, creating an Application Security Community within the company.
- Preparing Security Champions programs and conducting training.
Requirements:
- 2+ years of experience in Application Security.
- Knowledge of the Software Development Life Cycle, understanding of CI/CD principles.
- Knowledge of Secure Software Development Life Cycle methodologies (SSDF, MS SDL, CLASP, BSIMM, …).
- Knowledge of OWASP tools, types of vulnerabilities, ways to identify and fix them.
- Experience with static and dynamic software scanners (SonarQube, Burp Suite, OWASP ZAP, …).
- Experience in Third-Party Vulnerability Management and corresponding tools integration into CI/CD.
- Interest in professional development in Application Security.
Desirable:
- Knowledge of Java, Python, Groovy to automate work activities.
- Knowledge of SQL, preferably PL/SQL.
- Experience with the DevOps stack.
We offer:
- Competitive salary and annual bonus
- Medical insurance
- Snacks and drinks in the office
- Corporate events
- Relocation package if needed
- Education and development opportunities
- Flexible working hours
- Office OR remote OR hybrid work.


