Senior Application Security Engineer

Alliance for Recruitment, UAB

Подробности
Основная информация
Компания

Job description

Design, implement, and aggressively scale a Secure Software Development Life Cycle (SSDLC). You will define the processes, select the tools, and set the standards for secure coding across the engineering organization.
Run developer security training.
Lead threat modeling and security architecture reviews.
Embed security across the SDLC, from backlog to production.
Integrate and tune security scanning tools (SAST, DAST, SCA, IAST, secret scanning) to catch vulnerabilities and security risks early.
Research novel attack techniques and security weaknesses, and automate their detection using innovative tools and approaches.
Triage, validate, and prioritize vulnerabilities discovered through automated tools and external penetration tests. Guide the engineering teams on effective remediation strategies.
Partner with platform engineers on container, API, and infrastructure security.
Collaborate closely with stakeholders across Security, Privacy, Compliance to integrate security capabilities into banking applications.
Support incident response for application-level events and drive lessons learned.
Establish KPIs for application security to track our risk posture, visibility, and remediation velocity.

Requirements

5+ years in application security, or a senior engineering role with a strong security focus.
Track record of building or maturing an AppSec function.
Deep knowledge of OWASP, ASVS, and modern web and API attack techniques.
Hands-on threat modeling experience (STRIDE, attack trees, or similar).
Strong skills in at least one backend language (Java, Kotlin, Go, Python, or similar).
Experience integrating security tooling into CI/CD (GitHub Actions, GitLab CI, Jenkins, or similar).
Familiarity with cloud (AWS, Azure, or GCP) and container security (Docker, Kubernetes).
Able to explain risk clearly to both engineers and non-technical stakeholders.
Comfortable working autonomously and shaping your own roadmap.

Nice to have:

Fintech, banking, or other regulated industry background.
Knowledge of DORA, PCI DSS, or NIS2.
Offensive security experience (CTFs, bug bounty, OSCP, or similar).
Contributions to open source security tools or research.

Company offers

Competitive Compensation: Structured annual salary review with performance-based bonuses.
Hybrid Work Model: Enjoy the flexibility of working both in a modern Kaunas office and remotely.
Growth Opportunities: Participate in tailored career development programs and take on exciting challenges in a dynamic environment.
Perks and Benefits: Health insurance after probation, additional trust days, team-building events, and involvement in charitable activities.
Supportive Environment: Join a company that values teamwork, creativity, and continuous learning.
Health & Well-being: Private health insurance, wellness initiatives, and annual health check-ups.
Financial Security: Pension or investment plan with employer-matching contributions.
Additional Time Off: Extra leave, sick days without a certificate, and support during difficult times.
Bonuses & Support: Referral bonus and financial support in special situations.
Culture & Community: Engagement platform, team events, and seasonal gifts.
Flexibility: Hybrid work model and flexible working hours.

Брутто-зарплата в месяцБрутто/мес. € 5800 - 8000

Место работы

Vilnius, Vilniaus apskritis, Литва

Тип работы

Полный рабочий день

Контактное лицо
Ema Zupkauskė
+37065392274

Alliance for Recruitment is the biggest recruitment agency in the Baltics, servicing clients in CEE & Nordics and creating a brighter future for people around! We are the largest headhunting house measured by capacity, a number of successful placements, and annual growth, raising a high-performing team of recruitment experts from various industries.

Job description

Requirements

Company offers

Место работы

Тип работы

Похожие объявления о вакансиях