Senior Application Security Engineer
Indexed description
We invite a Senior Application Security Engineer to join our team in Belgrade, Serbia.
‼️ This is a 100% office-based role – no remote or hybrid options. We provide relocation support if your current location is different.
✅ Responsibilities:
✔️ Demonstrated ability to collaborate with other teams to achieve complex objectives.
✔️ Responsible for security architecture design from cloud infrastructure to application through the implementation of "secure by design" principles.
✔️ Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products.
✔️ Proof security implementations within infrastructure and application deployment manifests and the CI/CD pipelines.
✔️ Define required policies, controls, and capabilities for the protection of products and environments.
✔️ Build and validate declarative threat models automation.
✔️ Participate in engineering teams’ product planning cycles and committees.
✔️ Oversee the product security aspects for migration of products and services from Data Center to public cloud, e.g., AWS.
✔️ Serve as a trusted cyber security advisor to product and application teams.
✅ Requirements:
✔️ Minimum of 3 years experience as an Application Security Engineer.
✔️ Experience integrating security scanning/tooling into development pipeline.
✔️ Experience in analyzing and securing microservices and applications developed using Javascript and Typescript.
✔️ Experience with CI/CD pipelines (such as Gitlab, Jenkins) and infrastructure-as-a-code models (such as Terraform, Helm, or CloudFormation).
✔️ Hands-on development experience in Python/shell scripting.
✔️ Strong understanding of supply chain security, software integrity, and secure software delivery.
✔️ Experience with docker and mesh technologies (such as ISTIO).
✔️ Experience with architecture and security reviews, threat modeling and applications risk highly desired.
✔️ Experience working with Agile methodologies.
✔️ Knowledge of privacy laws and regulations, such as GDPR desired.
✔️ Familiarity with industry regulations, frameworks, and practices. For example, PCI, ISO 27001, NIST, etc.
✅ PREFERRED QUALIFICATIONS:
✔️ In-depth experience with architecting secure services on Kubernetes.
✔️ Extensive experience with architecting secure services on AWS or on-prem data centers.
✔️ Security-related professional certifications e.g., CISSP, CISM, CCSK, CCSP, CEH is highly desirable.
✅ We offer excellent benefits, including but not limited to:
🏝 24 vacation days annually
🤒 6 sick days without a medical certificate
🏥 Premium Health Insurance (coverage up to 5,000 EUR annually)
🎉 Special occasion gifts: birthday, wedding, newborn
📚 Learning & Development budget (for conferences, courses and certifications)
🌍 Corporate events: international parties, team buildings, activities
📈 Career growth opportunities in a fast-growing company
✈️ Relocation package for international candidates
🏋️ Sports package (FitPass membership)
🗣️ Language classes: Serbian & English (company-covered)
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search