Application Security Engineer

Sofia, Bulgaria

There's a Swedish company out there that's looking to make things run faster, longer, cleaner and safer. Meanwhile, they are undertaking a massive internal digital transformation that includes many interconnected physical sites, new systems, and much more. 

They are looking for an Application Security Engineer who will:

  • Define consistent Secure Software Development Lifecycle practices for all of the company's software projects.
  • Ensure end-to-end security of the company's infrastructure by hands-on testing, and hypothesizing threats.
  • Improve secure coding practices, application security requirements, automation, training, and metrics
  • Integrate threat modelling practices into the Software Development Lifecycle
  • Help build secure products and standards around emerging technologies and use existing standards and security practices.
  • Manage software security risk aligned with business goals.


  • 5+ years overall experience in various positions within InfoSec.
  • 2+ years in application security experience.
  • Experience in driving and implementing secure development practices into the SDLC.
  • Deep understanding of OWASP, CWE 25, Data Protection, Access management software vulnerabilities.
  • Knowledge of code management systems, CI/CD systems (e.g.: Azure Pipelines, Jenkins), Docker, Kubernetes, microservice architecture, OAuth 2.0, OpenID Connect
  • CEH, GIAC, OSCP, GISCP, CISSP, IEC/ISA 62443, ISO 2700x certifications, or similar is a plus.

Let's talk whenever at

(No. 2709 from 17.01.2019)