227
- Skelbimas
- Atlygis/Miestas
- Apie įmonę
Job description
- Design, implement, and aggressively scale a Secure Software Development Life Cycle (SSDLC). You will define the processes, select the tools, and set the standards for secure coding across the engineering organization.
- Run developer security training.
- Lead threat modeling and security architecture reviews.
- Embed security across the SDLC, from backlog to production.
- Integrate and tune security scanning tools (SAST, DAST, SCA, IAST, secret scanning) to catch vulnerabilities and security risks early.
- Research novel attack techniques and security weaknesses, and automate their detection using innovative tools and approaches.
- Triage, validate, and prioritize vulnerabilities discovered through automated tools and external penetration tests. Guide the engineering teams on effective remediation strategies.
- Partner with platform engineers on container, API, and infrastructure security.
- Collaborate closely with stakeholders across Security, Privacy, Compliance to integrate security capabilities into banking applications.
- Support incident response for application-level events and drive lessons learned.
- Establish KPIs for application security to track our risk posture, visibility, and remediation velocity.
Requirements
- 5+ years in application security, or a senior engineering role with a strong security focus.
- Track record of building or maturing an AppSec function.
- Deep knowledge of OWASP, ASVS, and modern web and API attack techniques.
- Hands-on threat modeling experience (STRIDE, attack trees, or similar).
- Strong skills in at least one backend language (Java, Kotlin, Go, Python, or similar).
- Experience integrating security tooling into CI/CD (GitHub Actions, GitLab CI, Jenkins, or similar).
- Familiarity with cloud (AWS, Azure, or GCP) and container security (Docker, Kubernetes).
- Able to explain risk clearly to both engineers and non-technical stakeholders.
- Comfortable working autonomously and shaping your own roadmap.
Nice to have:
- Fintech, banking, or other regulated industry background.
- Knowledge of DORA, PCI DSS, or NIS2.
- Offensive security experience (CTFs, bug bounty, OSCP, or similar).
- Contributions to open source security tools or research.
Company offers
- Competitive Compensation: Structured annual salary review with performance-based bonuses.
- Hybrid Work Model: Enjoy the flexibility of working both in a modern Kaunas office and remotely.
- Growth Opportunities: Participate in tailored career development programs and take on exciting challenges in a dynamic environment.
- Perks and Benefits: Health insurance after probation, additional trust days, team-building events, and involvement in charitable activities.
- Supportive Environment: Join a company that values teamwork, creativity, and continuous learning.
- Health & Well-being: Private health insurance, wellness initiatives, and annual health check-ups.
- Financial Security: Pension or investment plan with employer-matching contributions.
- Additional Time Off: Extra leave, sick days without a certificate, and support during difficult times.
- Bonuses & Support: Referral bonus and financial support in special situations.
- Culture & Community: Engagement platform, team events, and seasonal gifts.
- Flexibility: Hybrid work model and flexible working hours.
€
5800 - 8000
Vietovė
- Vilnius, Vilniaus apskritis, Lietuva
Laikas
- Visa darbo diena
Kontaktinis asmuo
Ema Zupkauskė
+37065392274
Ema Zupkauskė
+37065392274
Alliance for Recruitment is the biggest recruitment agency in the Baltics, servicing clients in CEE & Nordics and creating a brighter future for people around! We are the largest headhunting house measured by capacity, a number of successful placements, and annual growth, raising a high-performing team of recruitment experts from various industries.
Daugiau jūsų paiešką atitinkančių rezultatų:
Paslaugų departamento direktorius (-ė)
Informacinių technologijų departamento programuotojas (-a)
Product Owner
IT Business Analyst
IT pagalbos specialistas (-ė)
Projektų vadovas (-ė) (be projektavimo funkcijos)