Senior Application Security Engineer
Kyiv, Ukraine
6 днів тому


Our customer provides comprehensive workers' compensation healthcare solutions.

On current position, you will be responsible for on boarding and maintaining vulnerabilities discovered via scanning tools and manual reviews.


  • Assist in evaluating, planning, configuration, and implementation of new / existing security applications / tools
  • Systematically address application security issues and develop secure coding practices for multiple development teams
  • Integrate in application authentication, encryption, authorization, and access control
  • Provide mitigation strategies for applications from a secure coding perspective
  • Utilize application security scanning tools such as Burpsuite / Fortify to interpret reports and validate identified vulnerabilities and associated risks
  • Utilize source code scan tools to assist application development teams to apply the best practice for application security and catch potential vulnerabilities at early stage
  • Proactively work with team members to address security and compliance issues
  • Provide education and assistance to application developers for applying Security Software Development Life Cycle
  • Collaborate with development teams to prioritize and remediate vulnerabilities throughout the application lifecycle
  • Requirements

  • 5+ years of web development experience
  • 2+ years of .NET C# web development experience on Azure
  • 1+ year of application security experience
  • Proven experience in Static and / or Dynamic Application Security Testing
  • Familiarity with BSIMM, OWASP SAMM and / or OWASP ASVS would be a plus
  • Experience or familiarity with CI / CD pipelines and Agile environments would be a plus
  • Good understanding of the OWASP Top 10 Risks & Controls, and the SANS Top 25 Software Errors
  • Strong knowledge of applications hosted in cloud Amazon Web Services (AWS), Google (GCP) or Microsoft Azure clouds
  • Ability to demonstrate effective application vulnerability and penetration-testing skills including Injection, XSS, and XXE attacks in web applications nice to have
  • Ability to demonstrate effective skill with dynamic and static analysis tools and in software engineering principles, frameworks, and technologies
  • Ability to advise other engineers on application security best practices
  • Upper-Intermediate or higher English level, both spoken and written (B1+)
  • We offer

  • Competitive compensation depending on experience and skills
  • Individual career path
  • Social package - medical insurance, sports
  • Unlimited access to LinkedIn learning solutions
  • Compensation for sick lists and regular vacations
  • English classes with certified English teachers
  • Flexible work hours
  • Повідомте про це

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Надіслати заяву
    Моя електронна адреса
    Клацнувши по кнопці "# кнопка", я даю згоду neuvoo на обробку моїх даних та надсилання сповіщень електронною поштою, як це детально описано в Політиці конфіденційності neuvoo. Я можу будь-коли відкликати свою згоду або скасувати підписку.