Application Security Engineer Offline

We’re BrainRocket β€” an international software development and digital solutions company driven by 1,300 talented professionals across Cyprus, Poland and Portugal.
Here, everything moves at rocket speed: driving innovation, pioneering projects, and fast-tracking careers.
Together, we turn ideas into actionβ€”let’s get started!

We invite a Senior Application Security Engineer to join our team remotely.

 

βœ… Responsibilities:
βœ”οΈ Demonstrated ability to collaborate with other teams to achieve complex objectives.
βœ”οΈ Responsible for security architecture design from cloud infrastructure to application through the implementation of "secure by design" principles.
βœ”οΈ Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products.
βœ”οΈ Proof security implementations within infrastructure and application deployment manifests and the CI/CD pipelines.
βœ”οΈ Define required policies, controls, and capabilities for the protection of products and environments.
βœ”οΈ Build and validate declarative threat models automation.
βœ”οΈ Participate in engineering teams’ product planning cycles and committees.
βœ”οΈ Oversee the product security aspects for migration of products and services from Data Center to public cloud, e.g., AWS.
βœ”οΈ Serve as a trusted cyber security advisor to product and application teams.

 

βœ… Minimum Requirements:
βœ”οΈ Experience integrating security scanning/tooling into the development pipeline.
βœ”οΈ Experience in analyzing and securing microservices and applications developed using Javascript and Typescript.
βœ”οΈ Experience with CI/CD pipelines (such as Gitlab, Jenkins) and infrastructure-as-a-code models (such as Terraform, Helm, or CloudFormation).
βœ”οΈ Hands-on development experience in Python/shell scripting.
βœ”οΈ Strong understanding of supply chain security, software integrity, and secure software delivery.
βœ”οΈ Experience with docker and mesh technologies (such as ISTIO).
βœ”οΈ Experience with architecture and security reviews, threat modelling and application risk is highly desired.
βœ”οΈ Experience working with Agile methodologies.
βœ”οΈ Knowledge of privacy laws and regulations, such as GDPR desired.
βœ”οΈ Familiarity with industry regulations, frameworks, and practices. For example, PCI, ISO 27001, NIST, etc.

 

βœ… PREFERRED QUALIFICATIONS:
βœ”οΈ In-depth experience with architecting secure services on Kubernetes.
βœ”οΈ Extensive experience with architecting secure services on AWS or on-prem data centres.
βœ”οΈ Security-related professional certifications e.g., CISSP, CISM, CCSK, CCSP, CEH is highly desirable.

 

βœ… We offer excellent benefits, including but not limited to:
πŸ§‘πŸ»β€πŸ’» Learning and development opportunities and interesting, challenging tasks.

πŸ“š Opportunity to develop language skills, with partial compensation for the cost of English classes.

🏝 Time for proper rest, with 20 working days of annual vacation.

πŸ“ˆ Competitive remuneration level with annual review.

🀝 Teambuilding activities.
 

Bold moves start here. Make yours. Apply today! 

The job ad is no longer active

Look at the current jobs Security β†’