R&D Security Specialist

Sofia, Varna, Plovdiv

Nemetschek Bulgaria

Nemetschek Bulgaria is a leading developer of BIM, document management, and enterprise solutions. Full-cycle IT services: development, implementation & support.


We are looking for an R&D Security Specialist to join one of our teams - the IT Security team.

 

YOUR DAILY CHALLENGES

  • Collaborates closely with developers and product teams to help prioritise identified security issues and tasks within the development lifecycle;
  • Analyses results from tools like Snyk and assesses risks (e.g., using CVSS) to support informed decisions on what should be fixed, when, and why;
  • Participates in defining and maintaining security practices, including code reviews, source code protection measures, and internal awareness activities;
  • Contributes to developing and maintaining security-related documentation, policies, and procedures;
  • Coordinates with members of the central security team and the local technical lead to ensure alignment on security initiatives;
  • Supports and encourages security awareness among peers – e.g., by engaging in initiatives similar to Security Champions inside development teams;
  • While the position involves communication and coordination, it does not include managerial responsibilities. The focus is on technical expertise and accountable contribution, not on team management.

OUR EXPECTATIONS

  • Minimum of 2 years of experience as a software developer, DevOps engineer, QA engineer with security interest, or as an Application Security specialist;
  • Understanding of how R&D and software development environments operate, including Agile methodologies, backlog management, Jira, and CI/CD pipelines;
  • Familiarity with core security concepts, including the OWASP Top 10, dependency management, and secure coding practices;
  • Experience with, or interest in, tools such as Snyk, Checkmarx, SonarQube, or similar;
  • Ability to analyse vulnerabilities and communicate priorities to various stakeholders;
  • Understanding of relevant security frameworks and regulations such as GDPR, CVSS, and secure SDLC;
  • Fluency in German (written and spoken) at C1–C2 level is a mandatory requirement;
  • Fluent in English;
  • Bachelor's degree in computer science studies.

CONSIDERED A PLUS

  • Experience with web application firewalls (WAFs), XDR, cloud or application monitoring, or API security;
  • Hands-on experience with penetration testing tools or workflows;
  • Previous involvement in Security Champions, internal training, or peer knowledge-sharing initiatives;
  • Certifications such as CISSP, CSSLP, CompTIA Security+, or similar.

WHAT YOU WILL GET

  • Opportunity to work on meaningful products;
  • A supportive environment to express your ideas and challenge you to be your best;
  • An organisational culture that stimulates informal relationships and open communication;
  • Access to conferences, internal and external training and self-learning systems;
  • Opportunity to shape your role and contribution to the organisation;
  • A variety of choices for internal events & activities to bond with other colleagues within the organisation;
  • Great benefits and financial package.

We are looking for people with creative minds and enthusiasm to join us in developing what’s new, what’s next and what best serves our customers' needs.

We'll be happy to welcome you to our team!

 


Tags: Agile APIs Application security Checkmarx CI/CD CISSP Cloud CompTIA Computer Science CSSLP CVSS DevOps Firewalls GDPR Jira Monitoring OWASP Pentesting R&D SDLC SonarQube Vulnerabilities XDR

Perks/benefits: Career development Conferences Team events

Region: Europe
Country: Bulgaria
