Application Security Engineer
New
C
Constructor TECHEducation Technology
Remote in Bulgaria, Germany, Italy, Serbia, TurkeyFull-TimeMiddle
Salary not disclosed
Apply NowOpens the employer's application page
Job Details
- Languages
- English
- Experience
- 3–5 years
- Required Skills
- PythonJavascriptC#Go
Requirements
- 3–5 years of experience in application security, with a focus on web applications and API security
- Good knowledge of at least one scripting or programming language (e.g., Python, JavaScript, C#, or Go)
- Experience with tools like OWASP ZAP, Burp Suite, Snyk, or similar
- Familiarity with secure coding, DevSecOps, and container security concepts
- Strong understanding of CVE, CVSS, and vulnerability disclosure workflows
- Excellent command of business English
- Knowledge of SBOM standards (CycloneDX, SPDX) and experience integrating SBOM tooling into CI/CD pipelines (Preferred)
- Knowledge of software composition analysis (SCA) tools (Preferred)
Responsibilities
- Perform threat modeling, security architecture review, and design analysis for web applications and APIs
- Conduct manual and automated security testing during development and pre-release stages
- Design and implement security pipelines (including SAST and DAST) and integrate them into the SDLC process
- Implement and manage SBOM generation and consumption processes across the SDLC
- Collaborate with development teams to ensure timely remediation of identified vulnerabilities
- Maintain security guidance aligned with OWASP best practices and provide trainings for development teams
- Stay current with evolving application security threats, tools, and industry developments
View Full Description & ApplyYou'll be redirected to the employer's site
