
Senior Application Security Specialist
Posted May 19

This is a fully remote position, open to applicants in Poland.
• Design, implement, and sustain security gates within CI/CD pipelines
• Investigate and deploy AI-driven security tools to improve vulnerability detection and automate the triage process
• Perform routine internal penetration tests on web, mobile, and AI-based applications
• Collaborate with external security firms for third-party audits and oversee the complete remediation process
• Execute security evaluations and threat modeling specifically for AI-enhanced features
• Facilitate threat modeling sessions with architects and developers to recognize potential attack vectors
• Conduct regular security assessments, triage findings, and work with engineering teams to prioritize remediation efforts
• Develop guidelines and best practices for the secure utilization of AI coding assistants
• Carry out manual and automated in-depth code reviews
• Serve as a security consultant for product teams, offering insights on OWASP Top 10 and secure coding standards
• Regularly monitor high-level availability and performance dashboards
• Over 3 years of professional experience in Application Security, Penetration Testing, or Secure Software Development
• Hands-on experience with Azure cloud solutions and securing SaaS platforms
• Knowledge of the OWASP Top 10 for LLM Applications and common risks related to Generative AI and Machine Learning models
• Comprehension of prevalent web and mobile application vulnerabilities (e.g., OWASP Top 10, SANS Top 25) and methods for remediation using industry-standard practices (e.g., OWASP WSTG)
• Practical experience with application security tools
• Background in integrating security checks into CI/CD pipelines (e.g., Azure DevOps)
• Bachelor’s or Master’s degree in Computer Science, Cyber Security, or a related technical discipline
• Strong English communication skills to convey complex security, AI, and pentesting risks to diverse stakeholders
• Exceptional communication, facilitation, and negotiation skills, with the capability to articulate complex security, AI, and pentesting risks to various stakeholders
• Proficient in English (both written and spoken)
• Support with all necessary office and IT equipment
• Flexible working hours
• Wellness allowance for mental and physical well-being
• Access to professional mental health support
• Referral bonus policy
• Opportunities for learning and development
• Participation in sustainability events and community engagement
• Peer recognition program
• Employee-led resource groups
• Optional (fully covered or co-financed) health care and life insurance
• Multisport card
• Multikafeteria
• Lunch card
• Hybrid work organization
• Remote work from abroad policy
• Internet and electricity bill allowance
• Additional day for community service when volunteering