Middle Application Security Engineer

Poznań, Poland

Full Time Mid-level / Intermediate EUR 21K - 39K * ^est.

SOFTSWISS

SOFTSWISS is a gambling software development company with one-stop-shop iGaming software solutions and services for online casino and sportsbook.

View all jobs at SOFTSWISS

Apply now Apply later

Posted 15 hours ago

Overview:

SOFTSWISS continues to expand the team and is looking for an Application Security Engineer. We need a true, experienced, and accomplished professional who shares our culture and values.

Our goal is to make sure that we deploy secure software to production without unnecessary bottlenecks, that applications are properly hardened, and security vulnerabilities, once discovered, are fixed by the developers.

As an Application Security Engineer, you will play a crucial role in ensuring the security of our applications throughout the entire software development lifecycle (SDLC). You will partner closely with the product teams to identify, analyze, and mitigate security vulnerabilities, contributing to the creation of trustworthy and robust products.

Security Team:

SOFTSWISS Security Team takes care of iGaming services protection, data privacy, and business continuity to ensure that nothing distracts satisfied customers from using our products. We work closely with the IT team that develops and supports our services, and together we create genuinely excellent and secure iGaming products.

Key responsibilities:

Plan, design, implement, automate and (if you wish) support AppSec tools.
Contribute to building a company-wide processes for secure code development and deployment.
Assess products and new features through risk assessment, threat modelling and manual security testing with white box approach.
Triage identified security vulnerabilities, provide clear and actionable descriptions and ensure these findings are properly addressed and mitigated.
Manage the bug bounty program, collaborate with researches and internal teams to resolve the discovered vulnerabilities.
Partner with Dev/QA teams throughout a development lifecycle to enhance the security posture of the application by providing expert consulting, knowledge sharing and clear security requirements.

Requirements:

2+ years of experience in the information security field, with at least 1 year of experience in application security.
Knowledge of secure development processes and best practices.
General web application security knowledge (i.e., how the web actually works? What is SOP and why do we need CORS? What is CSP?).
Practical knowledge of common web application vulnerabilities (i.e., OWASP Top 10), and how to detect and prevent them.
Knowledge of secure system/application architecture and design principles.
Understanding of modern threats to high-performance web applications that is used by millions of users daily.
Practical, hands-on experience in security assessments (penetration testing and code review).
University degree in Computer Science, Information Security, or related field, or equivalent combination of education and experience.
Intermediate or higher English level.

Nice to have:

Passion about programming.
Technical knowledge of network and operating systems security.
Hands-on DevSecOps experience.
Practice of participation in bug bounty programs and/or CTFs.
Deep knowledge of SAST/DAST tools, including customisation.
Relevant certifications (i.e., OSWE, GWEB, etc.).

What we offer:

Full-time remote work opportunities and flexible working hours
Comprehensive Mental Health Programme
Private insurance
Sports program compensation
Free online English lessons
An additional 1 Day off per calendar year
Generous referral program
Training, internal workshops, and participation in international professional conferences and corporate events

About us:

SOFTSWISS is an international company, and an iGaming software expert. We don’t only follow iGaming market trends, we create them! SOFTSWISS is a recognised industry leader in iGaming software solutions development, covering almost all aspects of the iGaming industry. The company has an international team and an official presence in several countries. Projects powered by SOFTSWISS receive numerous awards and accolades from industry media.