Application Security Engineer - Octopus by RTG

Who we are;

Octopus by RTG is enabling a key partner organization to grow their tech teams while focusing on AI. We are currently looking for the right pioneers to join the team!

Octopus is proud to be part of the Robusta Technology Group (RTG), a leading tech group. With a decade of experience and a successful track record of delivering over 300 projects across Europe, the Middle East, and North America, RTG has established itself as a preferred employer in the Egyptian market. Octopus and Robusta are building a bridge between Europe and Africa, creating tailored hub solutions to connect companies with top talent across the globe.

Octopus is specialized in rapidly assembling remote & onsite global tech teams that are fully aligned with the culture and practices of a particular brand. By providing tailored hubs to suit its clients needs, Octopus gives companies all the advantages of remote work and offshoring without all the negatives.

You will be working with an Egypt-based grocery delivery startup, founded in 2017, rapidly grew from a local bakery service to a full-scale platform offering thousands of daily essentials delivered in under an hour. Backed by over $33M in funding, it operates across major Egyptian cities and is expanding regionally with a strong tech-driven supply chain.

Role Objective:

The Security Engineer will be responsible for supporting the secure design, development, and deployment of applications by identifying vulnerabilities, performing code and security reviews, and collaborating with engineering teams to embed security throughout the software development lifecycle. They will also contribute to threat modeling, security testing, and the continuous improvement of application security practices and tools.

Key Roles & Responsibilities:

• Perform basic application security testing (SAST, DAST) using tools like Burp Suite, SonarQube, or Veracode.
• Perform manual and automated code reviews, vulnerability assessments, and penetration testing for web and mobile applications.
• Collaborate with developers to identify and remediate security issues during the SDLC (Secure Development Lifecycle).
• Analyze findings from SAST, DAST, and SCA tools and guide teams on resolution.
• Participate in threat modeling and design review sessions to identify potential security risks.
• Assist in maintaining and evolving secure coding guidelines and developer training.
• Work with QA and DevOps teams to integrate security tools into CI/CD pipelines.
• Stay current on emerging threats, attack techniques, and security trends.
• Document technical security findings, track remediation, and contribute to risk assessments.
• Support application security awareness efforts across engineering teams.

Requirements

Required Experience, Education, Knowledge, and Skills:

• 0–3 years of experience in application security or related fields.
• Bachelor’s or master’s degree in cybersecurity, computer science, or a related field.
• Basic knowledge of application vulnerabilities and security testing tools.
• Familiarity with at least one programming language (e.g., Java, .NET, Python, JavaScript).
• Eager to learn and grow in AppSec.
• Good communication and teamwork skills.
• Detail-oriented with a problem-solving mindset.

Preferred Certifications:

• E|CDE, C|ASE, OSWA, eWPT, GWAPT, or similar (a plus, not required).

Benefits

• Social and Medical Insurance