Security Engineer
Warszawa, Poland
StepStone Group
Our AI-driven job marketplaces, programmatic-powered marketing solutions and customer-centricity find the perfect candidate quickly and equitablyCompany Description
Who we are
At The Stepstone Group, we have a simple yet very important mission: The right job for everyone. Using our data, platform, and technology, we create opportunities for job seekers and companies around the world to find a perfect match, in fair and equitable way. With over 20 brands across 30+ countries, we strive for fair and unbiased hiring.
At our Tech Hub, located near Wilanowska Metro, we are here as more than 300 ambitious specialists who work on the development of our IT products. We are proud to be part of The Stepstone Group, a global expert in job-tech platforms and e-recruiting.
Join our team of 4,000+ employees and be part of reshaping the labour market and becoming the world’s leading job-tech platform.
The job at a glance
As an Application Security Engineer, you will play a pivotal role in safeguarding our organization's applications and data. You will work closely with development teams to integrate security tools into our CI/CD pipelines, ensuring that security is baked into the development process from the outset. Additionally, you will be responsible for automating threat modeling, security testing, and vulnerability assessments to proactively identify and mitigate potential risks.
Job Description
Your responsibilities
- CI/CD Integration: Develop and integrate security tools into our CI/CD pipelines to automate security testing, code analysis, and vulnerability scanning throughout the development lifecycle.
- Threat Modeling Automation: Create and maintain automated threat modeling processes to identify and assess potential security risks in our applications.
- Security Testing and Automation: Conduct and automate security testing activities, including vulnerability assessments, penetration testing, and code reviews, to identify and remediate security vulnerabilities.
- Web Application Architecture: Demonstrate a deep understanding of web application architecture and design principles to effectively assess and mitigate security risks.
- SDLC Knowledge: Apply knowledge of the Software Development Security Lifecycle (SDLC) to ensure security is integrated into all phases of the development process.
- Development Skills: Possess proficiency in .NET and Node.js development to contribute to secure coding practices and understand application vulnerabilities.
Qualifications
- Minimum 5 years of experience in application security or a related field.
- Strong understanding of security principles, practices, and frameworks (e.g., OWASP, NIST).
- Proficiency in scripting languages (e.g., Python, Bash).
- Experience with security tools and technologies (e.g., vulnerability scanners, Web Application Firewalls).
- Certification in cybersecurity (e.g., OSWE, OSCP, ).
- Experience with cloud-based security (e.g., AWS, Azure, GCP).
- Knowledge of DevOps practices and tools.
Additional Information
Software/Hardware
Mac/Dell laptop
Windows/macOS system
2 monitors (24",27",32")
Adjustable desks
Slack+Teams
Atlassian tools
JIRA, Confluence
Your benefits
We’re a community here that cares as much about your life outside work as how you feel when you’re with us. Because your job shouldn’t take over your life, it should enrich it. Here are some of the benefits we offer:
Medical and dental care
Life insurance
Benefit platform budget
Employee Referral Program
Hackathons, Knowledge Sharing Hours
In-house projects
Events and integration parties
Charity initiatives, 2 extra volunteer days
English/German classes
Game room and chillout zone
Our commitment
Equal opportunities are important to us. We believe that diversity and inclusion at The Stepstone Group are critical to our success as a global company, so we want to recruit, develop, and keep the best talent. We encourage applications from everyone, regardless of background, gender identity, sexual orientation, disability status, ethnicity, belief, age, family or parental status, and any other characteristic.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Automation AWS Azure Bash CI/CD Cloud Code analysis Confluence DevOps Firewalls GCP Jira MacOS NIST Node.js OSCP OSWE OWASP Pentesting Python Scripting SDLC Vulnerabilities Windows
Perks/benefits: Gear Insurance Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.