Senior Information Security Engineer - Application Security
New
RomaniaFull-TimeSenior
SalaryCompetitive and transparent compensation package aligned with experience, skills, and location.
Apply NowOpens the employer's application page
Job Details
- Required Skills
- JavaKubernetesCI/CDMicroservices
Requirements
- Significant hands-on experience in software engineering and secure coding practices, particularly within Java-based environments.
- Strong background in securing SaaS platforms, cloud-native applications, and modern CI/CD ecosystems.
- Proven experience conducting secure design reviews, threat modeling, and risk assessments for distributed systems and microservices architectures.
- Deep expertise in application security tooling, including SAST, DAST, SCA, dependency management, and container/image scanning technologies.
- Strong knowledge of vulnerability management processes, including triage, prioritization, remediation coordination, and risk acceptance frameworks.
- Experience managing or supporting security incidents and escalations in complex environments.
- Excellent communication and stakeholder management skills, with the ability to explain complex security concepts to both technical and non-technical audiences.
- Collaborative and developer-centric mindset, focused on enabling secure innovation.
- Experience with additional technologies such as Python, JavaScript, or TypeScript is considered an advantage.
- Familiarity with Kubernetes, container security, and modern cloud environments is highly desirable.
- Previous experience within B2B software organizations, particularly in high-availability or multi-tenant environments, is a plus.
- Experience delivering security training, workshops, or awareness initiatives for engineering teams is beneficial.
Responsibilities
- Partner with engineering teams throughout the software development lifecycle to integrate security-by-design principles into products and services.
- Lead the implementation, optimization, and integration of application security tools, including SAST, DAST, SCA, and container security solutions within CI/CD pipelines.
- Drive vulnerability management initiatives by identifying, prioritizing, and coordinating remediation efforts across applications and software supply chains.
- Conduct secure architecture reviews, threat modeling exercises, and risk assessments for distributed, API-driven, and microservices-based systems.
- Support and coordinate application security incidents, collaborating with internal stakeholders to investigate, mitigate, and learn from security events.
- Contribute to security audits, customer assurance activities, compliance initiatives, and continuous improvement of security processes.
- Promote pragmatic and developer-friendly security practices while enabling teams to make informed, risk-based decisions.
- Help enhance the overall security posture of products and engineering processes through automation, guidance, and strategic security initiatives.
View Full Description & ApplyYou'll be redirected to the employer's site