Senior Information Security Engineer - Application Security

New
RomaniaFull-TimeSenior
SalaryCompetitive and transparent compensation package aligned with experience, skills, and location.
Apply NowOpens the employer's application page

Job Details

Required Skills
JavaKubernetesCI/CDMicroservices

Requirements

  • Significant hands-on experience in software engineering and secure coding practices, particularly within Java-based environments.
  • Strong background in securing SaaS platforms, cloud-native applications, and modern CI/CD ecosystems.
  • Proven experience conducting secure design reviews, threat modeling, and risk assessments for distributed systems and microservices architectures.
  • Deep expertise in application security tooling, including SAST, DAST, SCA, dependency management, and container/image scanning technologies.
  • Strong knowledge of vulnerability management processes, including triage, prioritization, remediation coordination, and risk acceptance frameworks.
  • Experience managing or supporting security incidents and escalations in complex environments.
  • Excellent communication and stakeholder management skills, with the ability to explain complex security concepts to both technical and non-technical audiences.
  • Collaborative and developer-centric mindset, focused on enabling secure innovation.
  • Experience with additional technologies such as Python, JavaScript, or TypeScript is considered an advantage.
  • Familiarity with Kubernetes, container security, and modern cloud environments is highly desirable.
  • Previous experience within B2B software organizations, particularly in high-availability or multi-tenant environments, is a plus.
  • Experience delivering security training, workshops, or awareness initiatives for engineering teams is beneficial.

Responsibilities

  • Partner with engineering teams throughout the software development lifecycle to integrate security-by-design principles into products and services.
  • Lead the implementation, optimization, and integration of application security tools, including SAST, DAST, SCA, and container security solutions within CI/CD pipelines.
  • Drive vulnerability management initiatives by identifying, prioritizing, and coordinating remediation efforts across applications and software supply chains.
  • Conduct secure architecture reviews, threat modeling exercises, and risk assessments for distributed, API-driven, and microservices-based systems.
  • Support and coordinate application security incidents, collaborating with internal stakeholders to investigate, mitigate, and learn from security events.
  • Contribute to security audits, customer assurance activities, compliance initiatives, and continuous improvement of security processes.
  • Promote pragmatic and developer-friendly security practices while enabling teams to make informed, risk-based decisions.
  • Help enhance the overall security posture of products and engineering processes through automation, guidance, and strategic security initiatives.
View Full Description & ApplyYou'll be redirected to the employer's site
Competitive and transparent compensation package aligned with experience, skills, and location.
Apply Now