Back to search
Sofia Stars Linkedin · Posted 8d ago

Application Security Engineer

Sofia

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

Sofia Stars is a fast-growing global service provider that guides high-growth businesses to success. Our range of tailored solutions includes R&D, Customer Support, Sales, KYC, Risk, and Anti-Fraud services. We make every connection shine with fresh tech and cultural understanding.


Responsibilities:

  • Demonstrated ability to collaborate with other teams to achieve complex objectives.
  • Responsible for security architecture design from cloud infrastructure to application through the implementation of "secure by design" principles.
  • Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products.
  • Proof security implementations within infrastructure and application deployment manifests and the CI/CD pipelines.
  • Define required policies, controls, and capabilities for the protection of products and environments.
  • Build and validate declarative threat models automation.
  • Participate in engineering teams’ product planning cycles and committees.
  • Oversee the product security aspects for migration of products and services from Data Center to public cloud, e.g., AWS.
  • Serve as a trusted cyber security advisor to product and application teams.


Minimum Requirements:

  • Experience integrating security scanning/tooling into the development pipeline.
  • Experience in analysing and securing microservices and applications developed using JavaScript and Typescript.
  • Experience with CI/CD pipelines (such as Gitlab, Jenkins) and infrastructure-as-a-code models (such as Terraform, Helm, or CloudFormation).
  • Hands-on development experience in Python/shell scripting.
  • Strong understanding of supply chain security, software integrity, and secure software delivery.
  • Experience with Docker and mesh technologies (such as ISTIO).
  • Experience with architecture and security reviews, threat modelling, and application risk is highly desired.
  • Experience working with Agile methodologies.
  • Knowledge of privacy laws and regulations, such as GDPR desired.
  • Familiarity with industry regulations, frameworks, and practices. For example, PCI, ISO 27001, NIST, etc.


PREFERRED QUALIFICATIONS:

  • In-depth experience with architecting secure services on Kubernetes.
  • Extensive experience with architecting secure services on AWS or on-prem data centers.
  • Security-related professional certifications e.g., CISSP, CISM, CCSK, CCSP, CEH, are highly desirable.


Our Excellent Benefits:

  • Up to 25 vacation days
  • 6 undocumented sick leaves
  • Medical insurance and dental coverage
  • Sport card 70% coverage (Multisport and/or CoolFit)
  • Food vouchers (102 EUR)
  • Appreciation gifts (birthday, wedding, newborn, etc.)
  • Office massages
  • Breakfast, lunch & snacks in the office
  • Education budget
  • Monthly team events
  • Great office location


Working Model:

  • This is an office-based position in Sofia, Bulgaria.


Grow fast, shine globally!

Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent