Back to search
Rozmith LLC Linkedin · Posted yesterday

Application Security & PAM Engineer (Remote)

Skopje

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

POSITION OVERVIEW:

We are delivering a 12-month Application Security (AppSec) and Privileged Access Management (PAM) programme for an entire enterprise client, covering platform licensing, implementation, and ongoing support. You will be the hands-on engineer at the centre of that delivery: integrating an AppSec scanning platform into the client's development pipelines, deploying and operating a PAM solution across their infrastructure, and supporting both through the service period.


This role is tool-agnostic by design, we work with leading commercial platforms across SCA/SAST/container/laC scanning and credential vaulting/session management. Strong fundamentals matter more than experience with any particular product.


KEY RESPONSIBILITIES:

-Application Security:

  • Configure and administer the AppSec platform: organisation structure, SSO/RBAC, and security policy baselines (severity thresholds, licence policies, build-gating criteria).
  • Integrate scanning into source-code management and CI/CD pipelines; enable container registry and infrastructure-as-code scanning.
  • Set up ticketing/workflow integrations for automated finding triage and assignment.
  • Run developer enablement sessions and maintain the triage and remediation playbook.

-Privileged Access Management:

  • Deploy and configure the PAM solution (SaaS or on-premises), including high-availability and DR configuration where required.
  • Integrate with Active Directory / identity providers; enforce SSO and MFA for privileged access.
  • Discover and onboard privileged accounts into the vault across servers, databases, network devices, and cloud consoles; configure automated password rotation.
  • Configure brokered RDP/SSH session management, recording and monitoring.

-Delivery and support:

  • Produce and maintain solution design documents, runbooks, and test/UAT artefacts.
  • Handle incidents and service requests again severity-based SLAs; manage escalations to software publishers.
  • Contribute to quarterly service reviews: KPIs, adoption metrics, risk trends, and recommendations.
  • Deliver administrator and end-user training.


REQUIRED SKILLS AND EXPERIENCE:

  • 3+ years in security engineering, DevSecOps, or infrastructure security roles.
  • Hands-on experience with at least one commercial or open-source AppSec scanning platform (SCA, SAST, container, or laC scanning).
  • Hands-on experience with at least one enterprise PAM solution (credential vaulting, password rotation, session management).
  • Solid understanding of CI/CD tooling (e.g., GitHub Actions, GitLab CI, Jenkins, Azure DevOps) and Git-based workflows.
  • Windows and Linux server administration; Active Directory and identity concepts (SSO, SAML/OIDC, MFA).
  • Scripting ability (PowerShell, Bash, or Python) for automation and integration work.
  • Clear written and spoken English; ability to produce client-facing documentation and run workshops.


NICE TO HAVE:

  • Security certifications such as CISSP, OSCP, AZ-500, or vendor certifications for AppSec/PAM platforms.
  • Experience with cloud platforms (AWS, Azure, GCP) and cloud privileged access patterns.
  • Familiarity with compliance frameworks: ISO 27001, SOC 2, PCI DSS, NIS2.
  • Experience in a consulting or managed-services environment with direct client contact.
  • Macedonian language skills.


COMPENSATION AND BENEFITS:

  • Competitive salary range based on experience and qualifications.
  • Hybrid working and flexible hours.
  • Funded certifications and training in leading security platforms.
  • Collaborative and supportive team environment with continuous training and growth potential.
Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent