Application Security Engineer
C
Constructor TECHEducational Technology
Remote in Bulgaria, Germany, Italy, Serbia, Turkey, 09:00/10:00 and 18:00/19:00 CET or EETFull-TimeMiddle
Salary not disclosed
Apply NowOpens the employer's application page
Job Details
- Languages
- English
- Experience
- 3–5 years
- Required Skills
- PythonJavascript
Requirements
- 3–5 years of experience in application security, with a focus on web applications and API security.
- Good knowledge of at least one scripting or programming language (e.g., Python, JavaScript, C#, or Go).
- Experience with tools like OWASP ZAP, Burp Suite, Snyk, or similar.
- Familiarity with secure coding, DevSecOps, and container security concepts.
- Strong understanding of CVE, CVSS, and vulnerability disclosure workflows.
- Excellent command of business English.
- Knowledge of SBOM standards (CycloneDX, SPDX) (Preferred).
- Knowledge of software composition analysis (SCA) tools (Preferred).
Responsibilities
- Perform threat modeling, security architecture review, and design analysis for web applications and APIs.
- Conduct manual and automated security testing during development and pre-release stages.
- Design and implement security pipelines (including SAST and DAST) and integrate them into the SDLC process.
- Implement and manage SBOM generation and consumption processes across the SDLC.
- Collaborate with development teams to ensure timely remediation of identified vulnerabilities.
- Maintain security guidance aligned with OWASP best practices and provide trainings for development teams.
- Stay current with evolving application security threats, tools, and industry developments.
View Full Description & ApplyYou'll be redirected to the employer's site
